[PATCH openbmc 0/6] Persistent 1
stewart at linux.vnet.ibm.com
Fri Jan 22 13:16:19 AEDT 2016
OpenBMC Patches <openbmc-patches at stwcx.xyz> writes:
> The openbmc-phosphor include has been updated to build two
> file systems: an initramfs packaged into an initrd for
> setting up the root file system, and a read-only squashfs
> with xz compression to hold the main data. The final 4MB
> of the 32MB flash is used to hold a read/write overlay over
> the squashfs maintaining updates for any files changed
> that are not mounted in a tmpfs directory.
> The first-boot is triggering systemd-update-hwdb.service which is trying
> to recreate a 60MB file in our 4MB file system. It obviously fails, but
> it also sometimes times out and causes the ttyS4.device and ttyS0.device
> files that are trying to run concurrently to also fail. This causes the
> console getty to not be started. If this occurs you can login over the
> network if you had previously setup systemd (or set ip= in bootargs from
> u-boot), otherwise you will need to reboot then address the unclean ext4
> fsck issue above.
While this probably isn't a too bad stop-gap measure, fundamentally,
it's probably better to have all persistent data in a specfiic
mountpoint so that the BMC stack itself can be near impossible to modify
(err... backdoor) at runtime.
With a persistent overlay, it makes it much easier to persistently
backdoor the BMC (which isn't ideal).
Do we have a plan to head towards something like:
- root on dm_verify
- root mounted ro
- strong, enforcing SELinux
- all persistent data on /data or somewhere, no exec, and all that jazz
OPAL Architect, IBM.
More information about the openbmc