On Wed, Oct 23, 2019 at 2:53 PM Colin Walters <walters@xxxxxxxxxx> wrote:
>
> On Tue, Oct 22, 2019, at 8:10 PM, Chris Murphy wrote:
> >
> > For multiple kernels, it doesn't matter if a crash happens anywhere
> > from new kernel being written to FAT, through initramfs, because the
> > old bootloader configuration still points to old kernel + initramfs.
> > But in multiple kernel distros, the bootloader configuration needs
> > modification or a new drop in scriptlet to point to the new
> > kernel+initramfs pair. And that needs to be completely atomic: write
> > new files to a tmp location, that way a crash won't matter. The tricky
> > part is to write out the bootloader configuration change such that it
> > can be an atomic operation.
>
> Related: https://github.com/ostreedev/ostree/issues/1951
> There I'm proposing to not try to fix this at the kernel/filesystem
> level (since we can't do much on FAT, and even on real filesystems we
> have the journaling-vs-bootloader issues), but instead create a protocol
> between things writing bootloader data and the bootloaders to help
> verify integrity.

The symlink method now being used, you describe as an OSTree-specific
invention. How is the new method you're proposing more generic such
that it's not also an OSTree-specific invention?

-- 
Chris Murphy
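
The two ideas in the quoted text (write to a temporary location and rename, and let the reader verify integrity instead of trusting the filesystem) can be sketched as follows. This is an added example, not part of the thread and not the protocol proposed in the linked issue; the `# sha256=` trailer format and the function names are assumptions made up for illustration.

```python
import hashlib
import os
import tempfile

TRAILER = b"# sha256="  # constructed trailer format, an assumption of this example


def write_config(path, body):
    """Writer side: temp file + fsync + rename, with a checksum trailer."""
    digest = hashlib.sha256(body).hexdigest().encode()
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".tmp-")
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(body + TRAILER + digest + b"\n")
            f.flush()
            os.fsync(f.fileno())      # data on disk before the name changes
        os.replace(tmp, path)         # atomic on POSIX filesystems, not guaranteed on FAT
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise
    dfd = os.open(directory, os.O_RDONLY)
    try:
        os.fsync(dfd)                 # persist the directory entry
    finally:
        os.close(dfd)


def read_verified(path):
    """Reader side: return the config body if the trailer matches, else None."""
    try:
        with open(path, "rb") as f:
            data = f.read()
    except OSError:
        return None
    body, sep, tail = data.rpartition(TRAILER)
    if not sep or hashlib.sha256(body).hexdigest().encode() != tail.strip():
        return None
    return body


def select_config(candidates):
    """Pick the first candidate (newest first) that verifies; skip torn ones."""
    for path in candidates:
        body = read_verified(path)
        if body is not None:
            return path, body
    return None, None
```

Where rename is not crash-safe, as on FAT, the reader-side check is what keeps a torn new entry from being used: `select_config` falls back to the older entry that still verifies.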