Hi Coiby,
On 2025/5/13 08:14, Coiby Xu wrote:
On Fri, May 09, 2025 at 09:03:11AM -0400, Mimi Zohar wrote:
...
> I'm aware that some
> store the security xattr information in a file and write it out as xattrs.
If the built initramfs as a CPIO file doesn't carry xattrs, the loaded
initramfs still doesn't have xattrs. I just found the initramfs could
opt to use squashfs or erofs which supports xattrs but currently it's
hardcoded to disable xattrs. For example, recently the dracut erorfs
module also follows squashfs to disable xattrs [1]. So in the near
future, I don't expect xattrs to be supported in kdump.
[1] https://github.com/dracut-ng/dracut-ng/pull
Sorry, I didn't notice the link is incomplete. It should be
[1] https://github.com/dracut-ng/dracut-ng/pull/1296
Right, so the issue isn't the initramfs root filesystem, but CPIO. Either CPIO
would need to be extended, which multiple people have attempted to do, or the
xattrs
could be stored in a file and written out to the initramfs root filesystem. In
fact
Roberto's last attempts at adding CPIO xattr support did something like that.
https://lore.kernel.org/linux-integrity/[email protected]/
Thanks for introducing Roberto's work to me!
I wrote some words on initramfs vs initrd erofs on related threads:
https://lore.kernel.org/r/[email protected]
https://lore.kernel.org/r/[email protected]/T/#u
The CPIO standard doesn't support xattrs, also initramfs could cause
unnecessary unpacking.
But anyway it needs more work on this stuff too.
Thanks,
Gao Xiang
Mimi
