On Di, 12.12.23 21:34, Nils Kattenbeck (nilskemail@xxxxxxxxx) wrote: > Hi, while I have been following this thread passively for now I also > wanted to chime in. > > > (The main reason why sd-stub doesn't actually support erofs-initrds, > > is that sd-stub also generates initrd cpios on the fly, to pass > > credentials and system extension images to the kernel, and you can't > > really mix erofs and cpio initrds into one) > > What prevents one from mixing the two (especially given that the > hypothetical erofs initrd support does not yet exist)? > Or are you talking about mixing this with your memmap+root=/dev/pmem > suggestion? If you have 7 cpio initrds then the kernel will allocate a tmpfs and unpack them all into it, one after the other, on top of each other, and then jumps into the result. if you have an erofs and 7 cpio initds, what are you going to do? You cannot extract into an erofs, it's immutable. You'd need something like overlayfs, but that would require (at least for now) an additional step in userspace, which is something to avoid. Alternatively (and preferred by me) would support a mode where it would unpack any cpios it gets into a tmpfs, and then pass an fsopen() fd to that to the executable it then invokes from the erofs. the executable could then mount that somewhere if it wants. But this would require a kenrel patch. > Even if everything is the same there are codes paths which might not > be taken during usual operation. An example would be services similar > to the new systemd-bsod which are only triggered in emergencies. > Having these in the cpio means that they will always be read and > decompressed. systemd-bsod is tiny though, less than 8K compressed here. Not sure it is a good example. > Using sysexts also has the drawback that each and every one of them > has to be decompressed. I might be mistaken but I expect that this > will be the case even if the extension-release in the sysext results > in it being discarded which is obviously another big drawback. sysexts are erofs or squashfs file systems with verity backing. Only the sectors you access are decompressed. Lennart -- Lennart Poettering, Berlin
