dracut: fall back to expected dm-verity hash offset#25
Merged
pothos merged 2 commits intoflatcar-masterfrom Jul 28, 2021
Merged
dracut: fall back to expected dm-verity hash offset#25pothos merged 2 commits intoflatcar-masterfrom
pothos merged 2 commits intoflatcar-masterfrom
Conversation
jepio
reviewed
Jul 15, 2021
The /usr partition should not be modified during mounting, even if it has some corruption. Rewriting the filesystem log would cause dm-verity errors when dm-verity is enabled later again. While the /usr partition normally is on a dm-verity block device in read-only mode there is some option to mount the partition without dm-verity and it wouldn't be a read-only block device anymore. Add the norecovery mount option which is supported for ext4 and btrfs.
The hash offset is found by looking at the filesystem size. When e2size can't find the size it returns "Success" in stderr for whatever reason and fortunately still returns an error exit code, stdout stays empty. This means that the dm-verity device setup won't work because the hash offset is the empty string. However, the hash offset is actually fixed because the GPT disk layout has to stay the same in Flatcar Container Linux as the partition contents are swapped out when updating. In case another filesystem like btrfs is used, e2size doesn't work and it makes sense to fall back to the only value which is supported in general. Hard code the hash offset value coming from the /usr filesystem size defined in flatcar-scripts/build_library/disk_layout.json.
40815dd to
0568f03
Compare
jepio
approved these changes
Jul 27, 2021
pothos
added a commit
to flatcar-archive/coreos-overlay
that referenced
this pull request
Jul 28, 2021
t-lo
pushed a commit
to flatcar/scripts
that referenced
this pull request
Apr 17, 2023
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
dracut: fall back to expected dm-verity hash offset
The hash offset is found by looking at the filesystem size. When
e2size can't find the size it returns "Success" in stderr for whatever
reason and fortunately still returns an error exit code, stdout stays
empty. This means that the dm-verity device setup won't work because
the hash offset is the empty string. However, the hash offset is
actually fixed because the GPT disk layout has to stay the same in
Flatcar Container Linux as the partition contents are swapped out
when updating. In case another filesystem like btrfs is used, e2size
doesn't work and it makes sense to fall back to the only value which
is supported in general.
Hard code the hash offset value coming from the /usr filesystem size
defined in flatcar-scripts/build_library/disk_layout.json.
dracut: add norecovery mount option for /usr
The /usr partition should not be modified during mounting, even if it
has some corruption. Rewriting the filesystem log would cause dm-verity
errors when dm-verity is enabled later again. While the /usr partition
normally is on a dm-verity block device in read-only mode there is some
option to mount the partition without dm-verity and it wouldn't be a
read-only block device anymore.
Add the norecovery mount option which is supported for ext4 and btrfs.
How to use/testing done
This was built and tested with the coreos-overlay branch
kai/bootengine-verity-hashoffsetfrom flatcar-archive/coreos-overlay#1106 and flatcar-scripts branchkai/btrfs-usr-oemfrom flatcar/scripts#131 in http://jenkins.infra.kinvolk.io:8080/job/os/job/manifest/3029/cldsv/ where the Flatcar image that has a btrfs /usr partition and OEM partition.While the actual switch to a btrfs filesystem on the /usr partition is only possible when all changes are part of a Stable release because update-engine needs to know how to handle the new filesystem when updating, we can already do the switch for the OEM partition.