Received: by 2002:a05:6a10:1d13:0:0:0:0 with SMTP id pp19csp3757632pxb; Mon, 30 Aug 2021 09:57:23 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzh/O1sa1rSl3O6hXp4zkhf5mjd3jOB3Au89Fnnun/6CG1Ko2Gahu37kk1S2UwcBCpqDYk+ X-Received: by 2002:a92:cb4b:: with SMTP id f11mr17150135ilq.189.1630342643194; Mon, 30 Aug 2021 09:57:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1630342643; cv=none; d=google.com; s=arc-20160816; b=SS9/F3XXKt8uvXqjbOuJTcaYIfegQTOW4lf+s+n9qYwjz0LD2X7POuDGnpcul/1orC 6UCqHiSwVDdRE9V/3as4UPW7K7PjnhgjnU8Mk6A3KiPCNGw4eUiXO7/Gr637y9PW2pF0 LOW1CBSyAiCrEWy6qGVypyvP5Xu3fLniIGoIaEP9/ioCRKv+btyG0bi+4z3r4q+R+KwH vCbnLRmehB5nGiseZY1xCQZTemwIZEZV/kSSOdU6kyD28a7czE5Hd1Osqxdt8ztMmdRB DTEmZUD53UnszGBJpMPmJMsfM82FRx7Kq4mzDPUOeUMbzg5t6cccGPKB8LKgTI8JySyG mRyg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :organization:references:in-reply-to:message-id:subject:cc:to:from :date; bh=Z7tS28ZLbC/4jvaIJEE5yduk9SJNitKw0RI/hThxY3E=; b=rn4pNsqu1QSgcyAHr4S+CvD4bsINRrtRkNHBvdugduEZEDdwvNSoBop576gD98YIMS juh/m+yxwhLQ9+9lGrtbbvupYeymfKW8tXfA6biT7YG5if92HHgNrW3wy9WHYNjgvrrm EXUNLzVsZr+AI1+iFX9oDi+Ob9tLWRFNdw3sBJGj+8Wc5gsPz7hObl+L+cjGm3Ab9dUQ 9aewbt5Mxgk1y3uZuEzosyo3bcUHkvTq1gUuolV/eLoQkpP2hT5YOyY+h0OaP5bb9F2F 9cT3hWEnuvnB9PzsC04Mf895bbn32bNciL/Wi2Up4bVQFhiqNrCWf14AF30gG0u88jZ9 /alA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id k17si16431573iow.29.2021.08.30.09.57.09; Mon, 30 Aug 2021 09:57:23 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237922AbhH3Q5B (ORCPT + 99 others); Mon, 30 Aug 2021 12:57:01 -0400 Received: from mslow1.mail.gandi.net ([217.70.178.240]:37631 "EHLO mslow1.mail.gandi.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237836AbhH3Q5B (ORCPT ); Mon, 30 Aug 2021 12:57:01 -0400 Received: from relay9-d.mail.gandi.net (unknown [217.70.183.199]) by mslow1.mail.gandi.net (Postfix) with ESMTP id 3C85AC655E; Mon, 30 Aug 2021 16:56:06 +0000 (UTC) Received: (Authenticated sender: thomas.petazzoni@bootlin.com) by relay9-d.mail.gandi.net (Postfix) with ESMTPSA id A31E1FF809; Mon, 30 Aug 2021 16:55:42 +0000 (UTC) Date: Mon, 30 Aug 2021 18:55:41 +0200 From: Thomas Petazzoni To: Pintu Agarwal Cc: Mikulas Patocka , open list , Phillip Lougher , linux-fsdevel , linux-mtd , dm-devel@redhat.com, Kernelnewbies , agk@redhat.com, snitzer@redhat.com, Sami Tolvanen Subject: Re: Kernel 4.14: Using dm-verity with squashfs rootfs - mounting issue Message-ID: <20210830185541.715f6a39@windsurf> In-Reply-To: References: Organization: Bootlin X-Mailer: Claws Mail 3.18.0 (GTK+ 2.24.33; x86_64-redhat-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello, On Mon, 30 Aug 2021 21:55:19 +0530 Pintu Agarwal wrote: > Sorry for coming back to this again.. > Unfortunately, none of the options is working for us with squashfs > (bootloader, initramfs). > initramfs have different kinds of challenges because of the partition > size issue. > So, our preferred option is still the bootloader command line approach.. > > Is there a proven and working solution of dm-verity with squashfs ? > If yes, please share some references. > > The current problem with squashfs is that we could not append the > verity-metadata to squashfs, so we store it on a separate volume and > access it. Here, it definitely worked to append the hash tree to the squashfs image and store them in the same partition. > By specifying it like : /dev/mtdblock53 > > Then we get the error like this: > { > [ 4.950276] device-mapper: init: attempting early device configuration. > [ 4.957577] device-mapper: init: adding target '0 95384 verity 1 > /dev/ubiblock0_0 /dev/mtdblock53 4096 4096 11923 8 sha256 > 16da5e4bbc706e5d90511d2a3dae373b5d878f9aebd522cd614a4faaace6baa3 > aee087a5be3b982978c923f566a94613496b417f2af592639bc80d141e34dfe7 10 > restart_on_corruption ignore_zero_blocks use_fec_from_device > /dev/mtdblock53 fec_roots 2 fec_blocks 12026 fec_start 12026' > [ 4.975283] device-mapper: verity: sha256 using implementation > "sha256-generic" > [ 4.998728] device-mapper: init: dm-0 is ready Could you show the full kernel command line ? > Do you see any other problem here with dm-verity cmdline or with squashfs ? > > Is squashfs ever proved to be working with dm-verity on higher kernel version ? > Currently our kernel version is 4.14. I confirm we used squashfs on dm-verity successfully. For sure on 4.19, perhaps on older kernels as well. > Or, another option is to use the new concept from 5.1 kernel that is: > dm-mod.create = ? How are you doing it today without dm-mod.create ? Again, please give your complete kernel command line. Best regards, Thomas -- Thomas Petazzoni, co-owner and CEO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com