Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp2174280imu;
        Tue, 6 Nov 2018 10:08:54 -0800 (PST)
X-Google-Smtp-Source: AJdET5chOirxtSw7CP84yfdd/Eib0GDhGSE35SSuULI66HaL72PrsXM+GMuJdkP0wPJlM36dXjyS
X-Received: by 2002:a62:7dcc:: with SMTP id y195-v6mr12791196pfc.60.1541527734443;
        Tue, 06 Nov 2018 10:08:54 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1541527734; cv=none;
        d=google.com; s=arc-20160816;
        b=DfWB/QvTD6ZEOh2GNFwbNhK48ryeh0Rwb5etICAEMxOKMDB4EP4Im5HnPqaLmo5Bc5
         Qo7HXzQOg0M1NDZLhX8aNVh9UfDQyU2f5H2/Lg7Xvif1tlSAVErrD0CS9XFEeGq0uPt1
         xF+28DjGUEyDPfRHTHTkW/Nz4L/QYuJEYRqGgMprFTXt6BhMfRAxNMFlDcBIgB47BZBX
         PP5PAO1XP/laQgZKKOpaBMweSyMIK9A0OmTrQKujeMtXotWHseQXHEEAcCSxuvpY8spx
         nlFp0gjIVoFIKsXs3alNA3e8ncjRanx8qa5fu+s0+jnE30hgPtaOjkVx202gf8+Mbf+r
         Uh3A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=1KByZh80S8VO4Fsc4REMZ/axZc7RcKl8IBjbEoWc78Q=;
        b=iWbIWt4RTZ1NsADmfBFBnzsKYgIi5X7wuK6vA4m0DPBMVYggqX1yYkvNXhmDp2XHnH
         BwVbAwOd3otiAtaffDaRnxnwPR1ai5mTvABYaX4qYHxy2EX3IF6SBxRRHYrxUB99Kb80
         dANIP0RbIxuhKF4fzxvvfNRm1DLEu0m7JJJXa/ptfrK7s/htfxPmKD/f/MIXrCWdjgQA
         P8icx8wrUohLiIC2x+vA36d4KE9fYvzSq8htfAS/TOQMQDEadMRlrkM5/EXCZYT5vSS5
         kBpmI5aF7CQx1qweSDQd0lILV8QctXlNNCm5wyHOmuHDn75ShfF34ETeKQL7BlW9HVeS
         S5wA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@chromium.org header.s=google header.b=W5vaA920;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id l12-v6si38838729plc.54.2018.11.06.10.08.38;
        Tue, 06 Nov 2018 10:08:54 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@chromium.org header.s=google header.b=W5vaA920;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2388668AbeKFXto (ORCPT <rfc822;epopevad@gmail.com> + 99 others);
        Tue, 6 Nov 2018 18:49:44 -0500
Received: from mail-wm1-f65.google.com ([209.85.128.65]:38207 "EHLO
        mail-wm1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S2388493AbeKFXto (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 6 Nov 2018 18:49:44 -0500
Received: by mail-wm1-f65.google.com with SMTP id l2-v6so12123940wmh.3
        for <linux-kernel@vger.kernel.org>; Tue, 06 Nov 2018 06:24:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=chromium.org; s=google;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=1KByZh80S8VO4Fsc4REMZ/axZc7RcKl8IBjbEoWc78Q=;
        b=W5vaA9209PGLtwBkr+B6o8bl34tuXWynrInrxxJgWDlWBG3DBc+t6/hSxoaCLCMiGE
         +UnpXpOPNfC5zew682Shc3iGaJy4Fw4fvX6quJaZgnd9i1pV7OH//ewe0oXq6U7MYIGG
         4vLbJQ9GVtcmiWDcBBz9KrobnMQIZTjpj/iaE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=1KByZh80S8VO4Fsc4REMZ/axZc7RcKl8IBjbEoWc78Q=;
        b=jgFh4f4l7T3BiZ11ozLmrCCs7ROfwk9DMiU4Ur3WAXsoezi4hm71DQI9Pn4dDrmCar
         W2YkfOStsURArzivyjrHV0kBUXoWs9KMmbRVi3MTuxjNNk2k5sDuW0mXYi6YROf9O43n
         mTXikhgNhlzuo0Z9V6G295P3ai7vetT3XO52LVHUuwAfcuDsTiCJVPddwoEc3a146s4I
         pWYDVGBKnb44dqtLXENfyWvOm1q5tgEL954nHk/61ZudgdVV46mb5w7Q1fVZzwv0XF1r
         NpvBcqwUeVXhWvDYZbmA+7FkibZXAzSCvKgvQCLKisnXc0NrYAqm+ZjdqUczUNWYnE5C
         4r2w==
X-Gm-Message-State: AGRZ1gJ0k+kdXKX/YirWVoNiPP9KGvhlZkMYm32bzV2YZVte9+gS7L7M
        zTotbPaZvSQk+fiNzP0+68n4wycxUx3zyjSwYvAUDA==
X-Received: by 2002:a1c:98ce:: with SMTP id a197-v6mr2289527wme.135.1541514255024;
 Tue, 06 Nov 2018 06:24:15 -0800 (PST)
MIME-Version: 1.0
References: <20181103035341.16893-1-helen.koike@collabora.com> <3624012.MiIzIq7dko@blindfold>
In-Reply-To: <3624012.MiIzIq7dko@blindfold>
From:   Will Drewry <wad@chromium.org>
Date:   Tue, 6 Nov 2018 08:24:02 -0600
Message-ID: <CAAFS_9F62S_rm2uJDzXJzJyM82-o-xBAnx5Rkk-3iDD53YS72g@mail.gmail.com>
Subject: Re: [PATCH v10 0/2] dm: boot a mapped device without an initramfs
To:     richard@nod.at
Cc:     helen.koike@collabora.com, Kees Cook <keescook@chromium.org>,
        device-mapper development <dm-devel@redhat.com>,
        Alasdair G Kergon <agk@redhat.com>,
        Mike Snitzer <snitzer@redhat.com>,
        LKML <linux-kernel@vger.kernel.org>,
        enric.balletbo@collabora.com, linux-doc@vger.kernel.org,
        linux-lvm@redhat.com, kernel@collabora.com
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi Richard, Helen,

On Sat, Nov 3, 2018 at 4:10 AM Richard Weinberger <richard@nod.at> wrote:
>
> Helen,
>
> Am Samstag, 3. November 2018, 04:53:39 CET schrieb Helen Koike:
> > As mentioned in the discussion from the previous version of this patch, Android
> > and Chrome OS do not use initramfs mostly due to boot time and size liability.
>
> Do you have numbers on that?

Originally, we saved ~200 ms, but I don't think we have recent
numbers.  (Unless Helen has some!) We first authored and posted this
patch in 2010:
- https://marc.info/?l=dm-devel&m=127429492521964&w=2
- https://marc.info/?l=dm-devel&m=127429499422096&w=2
- https://marc.info/?l=dm-devel&m=127429493922000&w=2

Every Chrome OS device uses a variant of this patch as well as
Android devices starting last year (if they use AVB 2.0).

Originally, the intent was the measured latency reduction.  We get a
linear speed
improvement when doing a cryptographic verification of the kernel and
initramfs.
Why? More data == more hashes (sha256 w/compute per block).  There's
additional overhead from bringing up early userspace, but those are the
numbers I don't have.

> I understand that using something like dracut with systemd inside is not what you
> want from a boot time point of view.
> But having an initramfs embedded into the kernel image which contains only a single
> static linked binary can be *very* small and fast.
> If you invest a little more time, you don't even need a libc, just fire up some
> syscalls to setup your dm. I use this technique regularly on deeply embedded systems
> to setup non-trivial UBIFS/crypto stuff.
>
> Want I'm trying to say, before adding ad-hoc a feature to the kernel, we should be
> very sure that there is no other way to solve this in a sane manner.
> We have initramfs support for reasons.

I very much appreciate the perspective, but after 8 years in shipping
devices after
integrating feedback from kernel maintainers over the subsequent years, this
doesn't feel like an "ad-hoc" feature.  It's been effective and fit in
well with the
existing kernel functionality, etc (imho :).  What level of
performance improvement or
other changes might be necessary to make the cut?

Thanks!
will