4:06 a.m.
On Wed, Jun 30, 2021 at 3:36 PM Hari Bathini <hbathini(a)linux.ibm.com> wrote:
On 30/06/21 1:02 pm, Hari Bathini wrote:
>
>
> On 30/06/21 1:28 am, Kairui Song wrote:
>> When running with squash module enabled for both initramfs, /dev and
>> /run are also mounted by squash-init, so move them to newroot as well,
>> else they might leak.
>>
>> Also don't mount /sys since squash-init/systemd will mount it and
>> it's not required here.
>>
>> Also pass `-d` to umount so loop devices (if used) will be force freed.
>>
>> Signed-off-by: Kairui Song <kasong(a)redhat.com>
>> ---
>> dracut-fadump-init-fadump.sh | 15 ++++++++-------
>> 1 file changed, 8 insertions(+), 7 deletions(-)
>>
>> diff --git a/dracut-fadump-init-fadump.sh b/dracut-fadump-init-fadump.sh
>> index 5468d99..cc67d1c 100755
>> --- a/dracut-fadump-init-fadump.sh
>> +++ b/dracut-fadump-init-fadump.sh
>> @@ -5,9 +5,6 @@ export SYSTEMD_IN_INITRD=lenient
>> [ -e /proc/mounts ] ||
>> (mkdir -p /proc && mount -t proc -o nosuid,noexec,nodev proc
/proc)
>
>> -grep -q '^sysfs /sys sysfs' /proc/mounts ||
>> - (mkdir -p /sys && mount -t sysfs -o nosuid,noexec,nodev sysfs
/sys)
>> -
>
> This needs to be retained for squash-not-available case as
> /proc/device-tree is a symbolic link to /sys/firmware/devicetree/base
> and /sys being mounted, the below if condition will always fail.
The above should read: "and without /sys being mounted,"...
Got it, thanks! I didn't test the non-squash case so mistakenly dropped /sys.
>
>> grep -q '^none / ' /proc/mounts || grep -q '^rootfs / '
/proc/mounts
>> && ROOTFS_IS_RAMFS=1
>> if [ -f /proc/device-tree/rtas/ibm,kernel-dump ] || [ -f
>> /proc/device-tree/ibm,opal/dump/mpipl-boot ]; then
>> @@ -20,9 +17,13 @@ if [ -f /proc/device-tree/rtas/ibm,kernel-dump ] ||
>> [ -f /proc/device-tree/ibm,o
>> done
>> exec switch_root /newroot /init
>> else
>> - mkdir /newroot/sys /newroot/proc /newroot/oldroot
>> + mkdir /newroot/sys /newroot/proc /newroot/dev /newroot/run
>> /newroot/oldroot
>> +
>> + grep -q '^devtmpfs /dev devtmpfs' /proc/mounts &&
mount
>> --move /dev /newroot/dev
>> + grep -q '^tmpfs /run tmpfs' /proc/mounts && mount
--move /run
>> /newroot/run
>
>
>> + grep -q '^sysfs /sys sysfs' /proc/mounts && mount
--move /sys
>> /newroot/sys...
>> - mount --move /sys /newroot/sys
>
> Thus, the above snippet won't be needed
>
>> +
>> cp --reflink=auto --sparse=auto
>> --preserve=mode,timestamps,links -dfr /fadumproot/. /newroot/
>> cd /newroot && pivot_root . oldroot
>> @@ -31,11 +32,11 @@ if [ -f /proc/device-tree/rtas/ibm,kernel-dump ]
>> || [ -f /proc/device-tree/ibm,o
>> unset loop
>> while read -r _ mp _; do
>> case $mp in
>> - /oldroot/*) umount "$mp" && loop=1 ;;
>> + /oldroot/*) umount -d "$mp" && loop=1 ;;
>> esac
>> done </proc/mounts
>> done
>> - umount -l oldroot
>> + umount -d -l oldroot
>> exec /init
>> fi
>>
>
> Rest looks good!
>
> Acked-by: Hari Bathini <hbathini(a)linux.ibm.com>
--
Best Regards,
Kairui Song