From: Dave Reisner <d@falconindy.com>
To: Dave Reisner <dreisner@archlinux.org>
Cc: util-linux@vger.kernel.org, thomas@archlinux.org
Subject: Re: [PATCH] switch_root: verify initramfs by f_type, not devno
Date: Wed, 2 Apr 2014 21:38:08 -0400 [thread overview]
Message-ID: <20140403013808.GD585@rampage> (raw)
In-Reply-To: <1396449690-4215-1-git-send-email-dreisner@archlinux.org>
On Wed, Apr 02, 2014 at 10:41:30AM -0400, Dave Reisner wrote:
> As of linux 3.14, the initramfs device will have both major and
> minor 0, causing our paranoia check to fail. Make this version agnostic
> by checking the filesystem type, rather than a device number.
>
> Signed-off-by: Dave Reisner <dreisner@archlinux.org>
> ---
> This is essentially what busybox's switch_root does. I don't think there's much
> value in checking the devno at all, as it seems to be a needless restriction.
> Let's just allow deleting anything that looks like non-persistent storage.
A bisect of the kernel reveals that 9e30cc9595303 is the responsible
change. It seems the kernel maintains its own mounts which are never
exposed to userspace (which also would explain the FSID gaps in
/proc/self/mountinfo). An instance of sysfs used to be one of these
kernel only mounts but, for some time now, has not needed to be. The
mentioned commit removes this kern_mount() call for sysfs, making the
initramfs the first entry in the mount table -- FSID 0 instead of 1.
I guess FSIDs are about as reliable as the numbering on block devices,
and this comparison in switch_root was never really the right
approach...
>
> sys-utils/switch_root.c | 14 ++++++++------
> 1 file changed, 8 insertions(+), 6 deletions(-)
>
> diff --git a/sys-utils/switch_root.c b/sys-utils/switch_root.c
> index 1222fb1..dac946f 100644
> --- a/sys-utils/switch_root.c
> +++ b/sys-utils/switch_root.c
> @@ -23,6 +23,7 @@
> #include <sys/mount.h>
> #include <sys/types.h>
> #include <sys/stat.h>
> +#include <sys/statfs.h>
> #include <sys/param.h>
> #include <fcntl.h>
> #include <stdio.h>
> @@ -36,6 +37,7 @@
> #include "c.h"
> #include "nls.h"
> #include "closestream.h"
> +#include "statfs_magic.h"
>
> #ifndef MS_MOVE
> #define MS_MOVE 8192
> @@ -177,12 +179,12 @@ static int switchroot(const char *newroot)
> if (cfd >= 0) {
> pid = fork();
> if (pid <= 0) {
> - if (fstat(cfd, &sb) == 0) {
> - if (sb.st_dev == makedev(0, 1))
> - recursiveRemove(cfd);
> - else
> - warn(_("old root filesystem is not an initramfs"));
> - }
> + struct statfs stfs;
> + if (fstatfs(cfd, &stfs) == 0 &&
> + (stfs.f_type == STATFS_RAMFS_MAGIC || stfs.f_type == STATFS_TMPFS_MAGIC))
> + recursiveRemove(cfd);
> + else
> + warn(_("old root filesystem is not an initramfs"));
>
> if (pid == 0)
> exit(EXIT_SUCCESS);
> --
> 1.9.1
>
next prev parent reply other threads:[~2014-04-03 1:38 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-02 14:41 [PATCH] switch_root: verify initramfs by f_type, not devno Dave Reisner
2014-04-03 1:38 ` Dave Reisner [this message]
2014-04-03 8:09 ` Thomas Bächler
2014-04-04 12:55 ` Karel Zak
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140403013808.GD585@rampage \
--to=d@falconindy.com \
--cc=dreisner@archlinux.org \
--cc=thomas@archlinux.org \
--cc=util-linux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox