reboot with reroot / 10.3
Dirk-Willem van Gulik
dirkx at webweaving.org
Mon Apr 4 12:07:57 UTC 2016
Trasz,
Thanks for the wonderful reroot present in 10.3 :) First tries work well for us for a couple of scenarios around pivoting early from an ro-mounted bootup to mount the ‘real’ encrypted root FS that has its key stored on remote hardware (previously we used Adrian Steinmann's (ast) work on Pivot Root, with a lot of care/order puzzles).
I gather that it creates a /dev/reroot tmpfs; copies the, at that time, on-disk version of init (as learned from a trusted kern.proc.pathname); executes init with a new -r; that essentially does (just) a kill (as only init can kill init) - and then things are mounted/cleaned up from there after attempting to run at least something from ‘kern.init_path’.
Where would one go to understand the trust-chain/security aspects of this? I.e. what locks the kill(1, SIGEMT) to the copy of the real init(8)? Where are the places most at risk?
Thanks,
Dw.