On Fri, Feb 08, 2013 at 03:27:30PM +0200, Kasatkin, Dmitry wrote: > >> > >> Dmitry, > >> > >> How do we make sure that this is the first call to user mode helpers. I > >> see that we first unpacked unsigned initramfs. Then after a while we > >> unpacked signed initramfs on /root and did a chroot. But now there is > >> a window before chroot, where kernel might call into /sbin/hotplug or > >> /sbin/modprobe from unsigned initramfs? > >> > >> Specifically, I put some printk and I am seeing calls to /sbin/hotplug > >> before we even unpacked signed initramfs. > > > > I did some experiments and made this patch which prevents launching > of user mode helpers before pre-init from signed image is executed. > > I do not know if this is the right way to do it, but at least it works for me. > The whole idea of these patches is to allow simple usage of signed image, > without the need to modify kernel parameters (0 block) and boot loaders.... > > -------------------------------------------------------------------------------------------------- > commit a99eaa06ab142906da67800423425b7c5def0a3e > Author: Dmitry Kasatkin <dmitry.kasat...@intel.com> > Date: Fri Feb 8 15:05:22 2013 +0200 > > initramfs_sig: prevent usermode helpers before signed image is executed > > This patch prevents execution of user mode helper before /pre-init > is executed. > > Signed-off-by: Dmitry Kasatkin <dmitry.kasat...@intel.com>
Yep. This seems to have blocked the calls going out to user space and returns with -EBUSY Thanks Vivek -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
