On 30/06/21 1:28 am, Kairui Song wrote:
When running with squash module enabled for both initramfs, /dev and
/run are also mounted by squash-init, so move them to newroot as well,
else they might leak.
Also don't mount /sys since squash-init/systemd will mount it and
it's not required here.
Also pass `-d` to umount so loop devices (if used) will be force freed.
Signed-off-by: Kairui Song <kasong(a)redhat.com>
---
dracut-fadump-init-fadump.sh | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/dracut-fadump-init-fadump.sh b/dracut-fadump-init-fadump.sh
index 5468d99..cc67d1c 100755
--- a/dracut-fadump-init-fadump.sh
+++ b/dracut-fadump-init-fadump.sh
@@ -5,9 +5,6 @@ export SYSTEMD_IN_INITRD=lenient
[ -e /proc/mounts ] ||
(mkdir -p /proc && mount -t proc -o nosuid,noexec,nodev proc /proc)
-grep -q '^sysfs /sys sysfs' /proc/mounts ||
- (mkdir -p /sys && mount -t sysfs -o nosuid,noexec,nodev sysfs /sys)
-
This needs to be retained for squash-not-available case as
/proc/device-tree is a symbolic link to /sys/firmware/devicetree/base
and /sys being mounted, the below if condition will always fail.
grep -q '^none / ' /proc/mounts || grep -q '^rootfs /
' /proc/mounts && ROOTFS_IS_RAMFS=1
if [ -f /proc/device-tree/rtas/ibm,kernel-dump ] || [ -f
/proc/device-tree/ibm,opal/dump/mpipl-boot ]; then
@@ -20,9 +17,13 @@ if [ -f /proc/device-tree/rtas/ibm,kernel-dump ] || [ -f
/proc/device-tree/ibm,o
done
exec switch_root /newroot /init
else
- mkdir /newroot/sys /newroot/proc /newroot/oldroot
+ mkdir /newroot/sys /newroot/proc /newroot/dev /newroot/run /newroot/oldroot
+
+ grep -q '^devtmpfs /dev devtmpfs' /proc/mounts && mount --move /dev
/newroot/dev
+ grep -q '^tmpfs /run tmpfs' /proc/mounts && mount --move /run
/newroot/run
+ grep -q '^sysfs /sys sysfs' /proc/mounts && mount
--move /sys /newroot/sys...
- mount --move /sys /newroot/sys
Thus, the above snippet won't be needed
+
cp --reflink=auto --sparse=auto --preserve=mode,timestamps,links -dfr /fadumproot/.
/newroot/
cd /newroot && pivot_root . oldroot
@@ -31,11 +32,11 @@ if [ -f /proc/device-tree/rtas/ibm,kernel-dump ] || [ -f
/proc/device-tree/ibm,o
unset loop
while read -r _ mp _; do
case $mp in
- /oldroot/*) umount "$mp" && loop=1 ;;
+ /oldroot/*) umount -d "$mp" && loop=1 ;;
esac
done </proc/mounts
done
- umount -l oldroot
+ umount -d -l oldroot
exec /init
fi
Rest looks good!
Acked-by: Hari Bathini <hbathini(a)linux.ibm.com>