guix-devel

Re: [PATCH] DISCUSSION: Jookia's Libreboot+LUKS+LVM FDE patch.


From: Ludovic Courtès
Subject: Re: [PATCH] DISCUSSION: Jookia's Libreboot+LUKS+LVM FDE patch.
Date: Tue, 15 Mar 2016 15:40:46 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)

Jookia <address@hidden> wrote:

> On Fri, Mar 11, 2016 at 03:30:10PM +0100, Ludovic Courtès wrote:
>> Jookia <address@hidden> wrote:
>> 
>> > I'd really like to discuss how much I needed to break to get the
>> > mapped-devices, file-systems and swap-devices to just 'work'. I even had to
>> > make a function to return a mapped-device type, and have swap-devices not do
>> > dependency tests since I technically don't use a device I've defined.
>> >
>> > It'd be much much better if I could do something like this in my services:
>> >
>> >   (devices (list (file-system
>> >                    (uses '("/dev/matrix/root"))
>> >                    (creates '("/"))
>> >                    (device "/dev/matrix/root")
>> >                    (mount-point "/")
>> >                    (type "ext4"))
>> >                  (swap-device
>> >                    (uses '("/dev/mapper/matrix-swap"))
>> >                    (creates '())
>> >                    (device "/dev/mapper/matrix-swap"))
>> >                  (lvm-device
>> >                    (uses '("/dev/mapper/hdd" "/dev/sdb"))
>> >                    (creates '("/dev/matrix/"
>> >                               "/dev/mapper/matrix-swap"))
>> >                    (devices '("/dev/mapper/hdd" "/dev/sdb")))
>> >                  (luks-device
>> >                    (uses '("UUID=4dab5feb-d176-45de-b287-9b0a6e4c01cb"))
>> >                    (creates '("/dev/mapper/hdd"))
>> >                    (device "UUID=4dab5feb-d176-45de-b287-9b0a6e4c01cb")
>> >                    (name "hdd")
>> >                    (key-file "..."))))
>> >
>> > The issue is that it has a lot of duplicate information as I'm not sure
>> > uses/creates could always map to device/mount-point, like LUKS names. But
>> > this should satisfy most dependency issues automatically, I hope.
>> 
>> There are several issues being addressed here, IIUC:
>> 
>>   1. How to refer to block devices (in the Unix sense) using UUIDs,
>>      labels, or /dev file names in general, and not just for
>>      ‘file-system’.
>
> Yes, this is one of the major problems.
>
>>   2. How to determine dependencies among all these things.
>
> Shouldn't be too hard if we have inputs and outputs for each.
>
>>   3. How to handle mapped devices that lead to several /dev nodes, as is
>>      the case with LVM.
>
> Well, it's a bit more complex than that. We end up with filesystems that use
> multiple devices too, like Btrfs.

OK.

Would a ‘mapped-device’ type where both ‘source’ and ‘target’ are lists
adequately model Linux’s notion of mapped devices?

> I was also showing another point: It'd be nicer to have file-system,
> swap-device, lvm-device, luks-device as functions rather than data structures.
> I was a bit tired when writing and realized later on that the functions could
> automatically create the uses/creates stuff as output. I'll show another
> hypothetical, though I see interest in keeping the existing way.

Keeping things purely declarative, with high-level data structures such
as ‘file-system’ and ‘mapped-device’ is pretty nice IMO.  It allows
users to easily inspect the config, map over the various bits, etc.

>> For #1, I would like to have a general ‘device’ type, so one could
>> write:
>> 
>>   (operating-system
>>     ;; …
>>     (file-systems (list (file-system
>>                           (source (device (title 'label)
>>                                           (name "my-root")))
>>                           (mount-point "/"))))
>>     (swap (list (device
>>                   (title 'uuid)
>>                   (name (uuid "4dab5feb-d176-45de-b287-9b0a6e4c01cb")))))
>> 
>> For that to work, we ideally need code to recognize swap signatures,
>> similar to what we do for ext2 in (gnu build file-systems).
>
> This would work, but not all file-systems use devices. Bind/union mounts, for
> one, which is why having them as paths would be perhaps easier to resolve. I'm
> skeptical we could have a single file-system data structure that could account
> for all this,

Note that it already handles bind mounts and other pseudo file systems
(see (gnu system file-systems)).  Basically, ‘file-system’ directly
corresponds to the ‘mount’ system call.

> which is why I'd much rather like functions that output stuff:
>
>   (devices (list (file-system
>                    #:device "/dev/matrix/root"
>                    #:mount-point "/"
>                    #:type "ext4")
>                  (swap-device
>                    #:device "/dev/mapper/matrix-swap")
>                  (lvm-device
>                    #:targets '("/dev/matrix/"
>                               "/dev/mapper/matrix-swap")
>                    #:devices (list "/dev/mapper/hdd" "/dev/sdb"))
>                  (luks-device
>                    #:device "UUID=4dab5feb-d176-45de-b287-9b0a6e4c01cb"
>                    #:name "hdd"
>                    #:key-file "...")))
>
> which could output this tree:
>
>   (devices (list (device
>                    (uses '("/dev/matrix/root"))
>                    (creates '("/"))
>                    (init-function ...)
>                    (destroy-function ...))
>                  (swap-device
>                    (uses '("/dev/mapper/matrix-swap"))
>                    (creates '())
>                    (init-function ...)
>                    (destroy-function ...))
>                  (lvm-device
>                    (uses '("/dev/mapper/hdd" "/dev/sdb"))
>                    (creates '("/dev/matrix/"
>                               "/dev/mapper/matrix-swap"))
>                    (init-function ...)
>                    (destroy-function ...))
>                  (luks-device
>                    (uses '("UUID=4dab5feb-d176-45de-b287-9b0a6e4c01cb"))
>                    (creates '("/dev/mapper/hdd"))
>                    (init-function ...)
>                    (destroy-function ...))))
>
> Though this is a bit of a dream in my case.

Hmm it seems to me that these are roughly two different ways to write the
same thing (with the 2nd one making dependencies explicit.)

I’m not sure there’s an intermediate representation that file systems,
swap devices, LVM devices, etc. could all be “compiled” to.  I feel that
we should stick to the abstractions of the Linux kernel, where device
mapping is entirely different from file systems, and so on.

However, we must definitely unify device naming (the /dev vs. UUID
vs. label thing.)

> There's also a small issue where mapped devices need more data in special cases,
> like LUKS keyfiles which returns a function to create the type.

What?  :-)

Thanks for your insightful comments!

Ludo’.
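
The dependency question raised in point 2 of the thread, worked through as an added Guile example (not part of either message and not Guix code): it derives an activation order from the uses/creates lists of the hypothetical configuration quoted above. The `(name uses creates)` entry layout, the procedure names and the rule that a created name ending in "/" covers everything below it are assumptions made for this illustration.

```scheme
;; Added illustration, not Guix code.  Each entry is (name uses creates),
;; with the values of the hypothetical configuration quoted in the thread.
(use-modules (srfi srfi-1))

(define devices
  '((file-system ("/dev/matrix/root") ("/"))
    (swap-device ("/dev/mapper/matrix-swap") ())
    (lvm-device  ("/dev/mapper/hdd" "/dev/sdb")
                 ("/dev/matrix/" "/dev/mapper/matrix-swap"))
    (luks-device ("UUID=4dab5feb-d176-45de-b287-9b0a6e4c01cb")
                 ("/dev/mapper/hdd"))))

(define (provides? created used)
  ;; Assumption: a created name such as "/dev/matrix/" stands for every
  ;; node below it.  The rule is limited to /dev/ so that the mount point
  ;; "/" is not mistaken for the producer of every path.
  (or (string=? created used)
      (and (string-prefix? "/dev/" created)
           (string-suffix? "/" created)
           (string-prefix? created used))))

(define (producer-of used)
  ;; Entry that creates USED, or #f when nothing in the configuration
  ;; does (a raw disk such as /dev/sdb, or a UUID on that disk).
  (find (lambda (d) (any (lambda (c) (provides? c used)) (third d)))
        devices))

(define (dependencies device)
  (delete-duplicates (filter-map producer-of (second device)) eq?))

(define (visit d done path)
  ;; Depth-first walk: everything D uses is placed before D itself.
  ;; Meeting D again on the current path means the config is circular.
  (cond ((memq d done) done)
        ((memq d path) (error "dependency cycle at" (first d)))
        (else
         (cons d (fold (lambda (dep acc) (visit dep acc (cons d path)))
                       done
                       (dependencies d))))))

(define (activation-order)
  ;; Names of all entries, each after the entries it depends on.
  (reverse (map first (fold (lambda (d done) (visit d done '()))
                            '() devices))))

(display (activation-order))
(newline)
```

Reversing the resulting list gives a teardown order in which the LUKS mapping is closed last.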


