From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
To: Pintu Agarwal <pintu.ping@gmail.com>
Cc: Mikulas Patocka <mpatocka@redhat.com>,
open list <linux-kernel@vger.kernel.org>,
Phillip Lougher <phillip@squashfs.org.uk>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>,
linux-mtd <linux-mtd@lists.infradead.org>,
dm-devel@redhat.com,
Kernelnewbies <kernelnewbies@kernelnewbies.org>,
agk@redhat.com, snitzer@redhat.com,
Sami Tolvanen <samitolvanen@google.com>
Subject: Re: Kernel 4.14: Using dm-verity with squashfs rootfs - mounting issue
Date: Mon, 30 Aug 2021 18:55:41 +0200 [thread overview]
Message-ID: <20210830185541.715f6a39@windsurf> (raw)
In-Reply-To: <CAOuPNLg0m-Q7Vhp4srbQrjXHsxVhOr-K2dvnNqzdR6Dr4kioqA@mail.gmail.com>
Hello,
On Mon, 30 Aug 2021 21:55:19 +0530
Pintu Agarwal <pintu.ping@gmail.com> wrote:
> Sorry for coming back to this again..
> Unfortunately, none of the options is working for us with squashfs
> (bootloader, initramfs).
> initramfs have different kinds of challenges because of the partition
> size issue.
> So, our preferred option is still the bootloader command line approach..
>
> Is there a proven and working solution of dm-verity with squashfs ?
> If yes, please share some references.
>
> The current problem with squashfs is that we could not append the
> verity-metadata to squashfs, so we store it on a separate volume and
> access it.
Here, it definitely worked to append the hash tree to the squashfs
image and store them in the same partition.
> By specifying it like : /dev/mtdblock53
>
> Then we get the error like this:
> {
> [ 4.950276] device-mapper: init: attempting early device configuration.
> [ 4.957577] device-mapper: init: adding target '0 95384 verity 1
> /dev/ubiblock0_0 /dev/mtdblock53 4096 4096 11923 8 sha256
> 16da5e4bbc706e5d90511d2a3dae373b5d878f9aebd522cd614a4faaace6baa3
> aee087a5be3b982978c923f566a94613496b417f2af592639bc80d141e34dfe7 10
> restart_on_corruption ignore_zero_blocks use_fec_from_device
> /dev/mtdblock53 fec_roots 2 fec_blocks 12026 fec_start 12026'
> [ 4.975283] device-mapper: verity: sha256 using implementation
> "sha256-generic"
> [ 4.998728] device-mapper: init: dm-0 is ready
Could you show the full kernel command line ?
> Do you see any other problem here with dm-verity cmdline or with squashfs ?
>
> Is squashfs ever proved to be working with dm-verity on higher kernel version ?
> Currently our kernel version is 4.14.
I confirm we used squashfs on dm-verity successfully. For sure on 4.19,
perhaps on older kernels as well.
> Or, another option is to use the new concept from 5.1 kernel that is:
> dm-mod.create = ?
How are you doing it today without dm-mod.create ?
Again, please give your complete kernel command line.
Best regards,
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
WARNING: multiple messages have this Message-ID (diff)
From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
To: Pintu Agarwal <pintu.ping@gmail.com>
Cc: Mikulas Patocka <mpatocka@redhat.com>,
open list <linux-kernel@vger.kernel.org>,
Phillip Lougher <phillip@squashfs.org.uk>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>,
linux-mtd <linux-mtd@lists.infradead.org>,
dm-devel@redhat.com,
Kernelnewbies <kernelnewbies@kernelnewbies.org>,
agk@redhat.com, snitzer@redhat.com,
Sami Tolvanen <samitolvanen@google.com>
Subject: Re: Kernel 4.14: Using dm-verity with squashfs rootfs - mounting issue
Date: Mon, 30 Aug 2021 18:55:41 +0200 [thread overview]
Message-ID: <20210830185541.715f6a39@windsurf> (raw)
In-Reply-To: <CAOuPNLg0m-Q7Vhp4srbQrjXHsxVhOr-K2dvnNqzdR6Dr4kioqA@mail.gmail.com>
Hello,
On Mon, 30 Aug 2021 21:55:19 +0530
Pintu Agarwal <pintu.ping@gmail.com> wrote:
> Sorry for coming back to this again..
> Unfortunately, none of the options is working for us with squashfs
> (bootloader, initramfs).
> initramfs have different kinds of challenges because of the partition
> size issue.
> So, our preferred option is still the bootloader command line approach..
>
> Is there a proven and working solution of dm-verity with squashfs ?
> If yes, please share some references.
>
> The current problem with squashfs is that we could not append the
> verity-metadata to squashfs, so we store it on a separate volume and
> access it.
Here, it definitely worked to append the hash tree to the squashfs
image and store them in the same partition.
> By specifying it like : /dev/mtdblock53
>
> Then we get the error like this:
> {
> [ 4.950276] device-mapper: init: attempting early device configuration.
> [ 4.957577] device-mapper: init: adding target '0 95384 verity 1
> /dev/ubiblock0_0 /dev/mtdblock53 4096 4096 11923 8 sha256
> 16da5e4bbc706e5d90511d2a3dae373b5d878f9aebd522cd614a4faaace6baa3
> aee087a5be3b982978c923f566a94613496b417f2af592639bc80d141e34dfe7 10
> restart_on_corruption ignore_zero_blocks use_fec_from_device
> /dev/mtdblock53 fec_roots 2 fec_blocks 12026 fec_start 12026'
> [ 4.975283] device-mapper: verity: sha256 using implementation
> "sha256-generic"
> [ 4.998728] device-mapper: init: dm-0 is ready
Could you show the full kernel command line ?
> Do you see any other problem here with dm-verity cmdline or with squashfs ?
>
> Is squashfs ever proved to be working with dm-verity on higher kernel version ?
> Currently our kernel version is 4.14.
I confirm we used squashfs on dm-verity successfully. For sure on 4.19,
perhaps on older kernels as well.
> Or, another option is to use the new concept from 5.1 kernel that is:
> dm-mod.create = ?
How are you doing it today without dm-mod.create ?
Again, please give your complete kernel command line.
Best regards,
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/
WARNING: multiple messages have this Message-ID (diff)
From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
To: Pintu Agarwal <pintu.ping@gmail.com>
Cc: Sami Tolvanen <samitolvanen@google.com>,
snitzer@redhat.com,
Kernelnewbies <kernelnewbies@kernelnewbies.org>,
open list <linux-kernel@vger.kernel.org>,
dm-devel@redhat.com, Mikulas Patocka <mpatocka@redhat.com>,
linux-mtd <linux-mtd@lists.infradead.org>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>,
Phillip Lougher <phillip@squashfs.org.uk>,
agk@redhat.com
Subject: Re: Kernel 4.14: Using dm-verity with squashfs rootfs - mounting issue
Date: Mon, 30 Aug 2021 18:55:41 +0200 [thread overview]
Message-ID: <20210830185541.715f6a39@windsurf> (raw)
In-Reply-To: <CAOuPNLg0m-Q7Vhp4srbQrjXHsxVhOr-K2dvnNqzdR6Dr4kioqA@mail.gmail.com>
Hello,
On Mon, 30 Aug 2021 21:55:19 +0530
Pintu Agarwal <pintu.ping@gmail.com> wrote:
> Sorry for coming back to this again..
> Unfortunately, none of the options is working for us with squashfs
> (bootloader, initramfs).
> initramfs have different kinds of challenges because of the partition
> size issue.
> So, our preferred option is still the bootloader command line approach..
>
> Is there a proven and working solution of dm-verity with squashfs ?
> If yes, please share some references.
>
> The current problem with squashfs is that we could not append the
> verity-metadata to squashfs, so we store it on a separate volume and
> access it.
Here, it definitely worked to append the hash tree to the squashfs
image and store them in the same partition.
> By specifying it like : /dev/mtdblock53
>
> Then we get the error like this:
> {
> [ 4.950276] device-mapper: init: attempting early device configuration.
> [ 4.957577] device-mapper: init: adding target '0 95384 verity 1
> /dev/ubiblock0_0 /dev/mtdblock53 4096 4096 11923 8 sha256
> 16da5e4bbc706e5d90511d2a3dae373b5d878f9aebd522cd614a4faaace6baa3
> aee087a5be3b982978c923f566a94613496b417f2af592639bc80d141e34dfe7 10
> restart_on_corruption ignore_zero_blocks use_fec_from_device
> /dev/mtdblock53 fec_roots 2 fec_blocks 12026 fec_start 12026'
> [ 4.975283] device-mapper: verity: sha256 using implementation
> "sha256-generic"
> [ 4.998728] device-mapper: init: dm-0 is ready
Could you show the full kernel command line ?
> Do you see any other problem here with dm-verity cmdline or with squashfs ?
>
> Is squashfs ever proved to be working with dm-verity on higher kernel version ?
> Currently our kernel version is 4.14.
I confirm we used squashfs on dm-verity successfully. For sure on 4.19,
perhaps on older kernels as well.
> Or, another option is to use the new concept from 5.1 kernel that is:
> dm-mod.create = ?
How are you doing it today without dm-mod.create ?
Again, please give your complete kernel command line.
Best regards,
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
WARNING: multiple messages have this Message-ID (diff)
From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
To: Pintu Agarwal <pintu.ping@gmail.com>
Cc: Sami, Tolvanen <samitolvanen@google.com>,
snitzer@redhat.com,
Kernelnewbies <kernelnewbies@kernelnewbies.org>,
open list <linux-kernel@vger.kernel.org>,
dm-devel@redhat.com, Mikulas Patocka <mpatocka@redhat.com>,
linux-mtd <linux-mtd@lists.infradead.org>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>,
Phillip Lougher <phillip@squashfs.org.uk>,
agk@redhat.com
Subject: Re: [dm-devel] Kernel 4.14: Using dm-verity with squashfs rootfs - mounting issue
Date: Mon, 30 Aug 2021 18:55:41 +0200 [thread overview]
Message-ID: <20210830185541.715f6a39@windsurf> (raw)
In-Reply-To: <CAOuPNLg0m-Q7Vhp4srbQrjXHsxVhOr-K2dvnNqzdR6Dr4kioqA@mail.gmail.com>
Hello,
On Mon, 30 Aug 2021 21:55:19 +0530
Pintu Agarwal <pintu.ping@gmail.com> wrote:
> Sorry for coming back to this again..
> Unfortunately, none of the options is working for us with squashfs
> (bootloader, initramfs).
> initramfs have different kinds of challenges because of the partition
> size issue.
> So, our preferred option is still the bootloader command line approach..
>
> Is there a proven and working solution of dm-verity with squashfs ?
> If yes, please share some references.
>
> The current problem with squashfs is that we could not append the
> verity-metadata to squashfs, so we store it on a separate volume and
> access it.
Here, it definitely worked to append the hash tree to the squashfs
image and store them in the same partition.
> By specifying it like : /dev/mtdblock53
>
> Then we get the error like this:
> {
> [ 4.950276] device-mapper: init: attempting early device configuration.
> [ 4.957577] device-mapper: init: adding target '0 95384 verity 1
> /dev/ubiblock0_0 /dev/mtdblock53 4096 4096 11923 8 sha256
> 16da5e4bbc706e5d90511d2a3dae373b5d878f9aebd522cd614a4faaace6baa3
> aee087a5be3b982978c923f566a94613496b417f2af592639bc80d141e34dfe7 10
> restart_on_corruption ignore_zero_blocks use_fec_from_device
> /dev/mtdblock53 fec_roots 2 fec_blocks 12026 fec_start 12026'
> [ 4.975283] device-mapper: verity: sha256 using implementation
> "sha256-generic"
> [ 4.998728] device-mapper: init: dm-0 is ready
Could you show the full kernel command line ?
> Do you see any other problem here with dm-verity cmdline or with squashfs ?
>
> Is squashfs ever proved to be working with dm-verity on higher kernel version ?
> Currently our kernel version is 4.14.
I confirm we used squashfs on dm-verity successfully. For sure on 4.19,
perhaps on older kernels as well.
> Or, another option is to use the new concept from 5.1 kernel that is:
> dm-mod.create = ?
How are you doing it today without dm-mod.create ?
Again, please give your complete kernel command line.
Best regards,
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel
next prev parent reply other threads:[~2021-08-30 16:56 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-20 9:38 Kernel 4.14: Using dm-verity with squashfs rootfs - mounting issue Pintu Agarwal
2021-07-20 9:38 ` [dm-devel] " Pintu Agarwal
2021-07-20 9:38 ` Pintu Agarwal
2021-07-20 9:38 ` Pintu Agarwal
2021-07-20 11:41 ` Mikulas Patocka
2021-07-20 11:41 ` [dm-devel] " Mikulas Patocka
2021-07-20 11:41 ` Mikulas Patocka
2021-07-20 11:41 ` Mikulas Patocka
2021-07-21 15:00 ` Pintu Agarwal
2021-07-21 15:00 ` [dm-devel] " Pintu Agarwal
2021-07-21 15:00 ` Pintu Agarwal
2021-07-21 15:00 ` Pintu Agarwal
2021-07-21 17:10 ` Mikulas Patocka
2021-07-21 17:10 ` [dm-devel] " Mikulas Patocka
2021-07-21 17:10 ` Mikulas Patocka
2021-07-21 17:10 ` Mikulas Patocka
2021-07-21 17:29 ` Pintu Agarwal
2021-07-21 17:29 ` [dm-devel] " Pintu Agarwal
2021-07-21 17:29 ` Pintu Agarwal
2021-07-21 17:29 ` Pintu Agarwal
2021-08-30 16:25 ` Pintu Agarwal
2021-08-30 16:25 ` [dm-devel] " Pintu Agarwal
2021-08-30 16:25 ` Pintu Agarwal
2021-08-30 16:25 ` Pintu Agarwal
2021-08-30 16:55 ` Thomas Petazzoni [this message]
2021-08-30 16:55 ` [dm-devel] " Thomas Petazzoni
2021-08-30 16:55 ` Thomas Petazzoni
2021-08-30 16:55 ` Thomas Petazzoni
2021-08-30 18:18 ` Pintu Agarwal
2021-08-30 18:18 ` [dm-devel] " Pintu Agarwal
2021-08-30 18:18 ` Pintu Agarwal
2021-08-30 18:18 ` Pintu Agarwal
2021-08-30 19:12 ` Thomas Petazzoni
2021-08-30 19:12 ` [dm-devel] " Thomas Petazzoni
2021-08-30 19:12 ` Thomas Petazzoni
2021-08-30 19:12 ` Thomas Petazzoni
2021-08-31 13:19 ` Pintu Agarwal
2021-08-31 13:19 ` [dm-devel] " Pintu Agarwal
2021-08-31 13:19 ` Pintu Agarwal
2021-08-31 13:19 ` Pintu Agarwal
2021-09-06 16:28 ` Pintu Agarwal
2021-09-06 16:28 ` [dm-devel] " Pintu Agarwal
2021-09-06 16:28 ` Pintu Agarwal
2021-09-06 16:28 ` Pintu Agarwal
2021-09-08 11:27 ` Pintu Agarwal
2021-09-08 11:27 ` [dm-devel] " Pintu Agarwal
2021-09-08 11:27 ` Pintu Agarwal
2021-09-08 11:27 ` Pintu Agarwal
2021-09-08 12:08 ` Greg KH
2021-09-08 12:08 ` [dm-devel] " Greg KH
2021-09-08 12:08 ` Greg KH
2021-09-08 12:08 ` Greg KH
2021-10-29 15:51 ` Pintu Agarwal
2021-10-29 15:51 ` [dm-devel] " Pintu Agarwal
2021-10-29 15:51 ` Pintu Agarwal
2021-10-29 15:51 ` Pintu Agarwal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210830185541.715f6a39@windsurf \
--to=thomas.petazzoni@bootlin.com \
--cc=agk@redhat.com \
--cc=dm-devel@redhat.com \
--cc=kernelnewbies@kernelnewbies.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mtd@lists.infradead.org \
--cc=mpatocka@redhat.com \
--cc=phillip@squashfs.org.uk \
--cc=pintu.ping@gmail.com \
--cc=samitolvanen@google.com \
--cc=snitzer@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.