Based on kernel version 4.16.1. Page generated on 2018-04-09 11:53 EST.
1 Early userspace support 2 ======================= 3 4 Last update: 2004-12-20 tlh 5 6 7 "Early userspace" is a set of libraries and programs that provide 8 various pieces of functionality that are important enough to be 9 available while a Linux kernel is coming up, but that don't need to be 10 run inside the kernel itself. 11 12 It consists of several major infrastructure components: 13 14 - gen_init_cpio, a program that builds a cpio-format archive 15 containing a root filesystem image. This archive is compressed, and 16 the compressed image is linked into the kernel image. 17 - initramfs, a chunk of code that unpacks the compressed cpio image 18 midway through the kernel boot process. 19 - klibc, a userspace C library, currently packaged separately, that is 20 optimized for correctness and small size. 21 22 The cpio file format used by initramfs is the "newc" (aka "cpio -H newc") 23 format, and is documented in the file "buffer-format.txt". There are 24 two ways to add an early userspace image: specify an existing cpio 25 archive to be used as the image or have the kernel build process build 26 the image from specifications. 27 28 CPIO ARCHIVE method 29 30 You can create a cpio archive that contains the early userspace image. 31 Your cpio archive should be specified in CONFIG_INITRAMFS_SOURCE and it 32 will be used directly. Only a single cpio file may be specified in 33 CONFIG_INITRAMFS_SOURCE and directory and file names are not allowed in 34 combination with a cpio archive. 35 36 IMAGE BUILDING method 37 38 The kernel build process can also build an early userspace image from 39 source parts rather than supplying a cpio archive. This method provides 40 a way to create images with root-owned files even though the image was 41 built by an unprivileged user. 42 43 The image is specified as one or more sources in 44 CONFIG_INITRAMFS_SOURCE. Sources can be either directories or files - 45 cpio archives are *not* allowed when building from sources. 46 47 A source directory will have it and all of its contents packaged. The 48 specified directory name will be mapped to '/'. When packaging a 49 directory, limited user and group ID translation can be performed. 50 INITRAMFS_ROOT_UID can be set to a user ID that needs to be mapped to 51 user root (0). INITRAMFS_ROOT_GID can be set to a group ID that needs 52 to be mapped to group root (0). 53 54 A source file must be directives in the format required by the 55 usr/gen_init_cpio utility (run 'usr/gen_init_cpio --help' to get the 56 file format). The directives in the file will be passed directly to 57 usr/gen_init_cpio. 58 59 When a combination of directories and files are specified then the 60 initramfs image will be an aggregate of all of them. In this way a user 61 can create a 'root-image' directory and install all files into it. 62 Because device-special files cannot be created by a unprivileged user, 63 special files can be listed in a 'root-files' file. Both 'root-image' 64 and 'root-files' can be listed in CONFIG_INITRAMFS_SOURCE and a complete 65 early userspace image can be built by an unprivileged user. 66 67 As a technical note, when directories and files are specified, the 68 entire CONFIG_INITRAMFS_SOURCE is passed to 69 scripts/gen_initramfs_list.sh. This means that CONFIG_INITRAMFS_SOURCE 70 can really be interpreted as any legal argument to 71 gen_initramfs_list.sh. If a directory is specified as an argument then 72 the contents are scanned, uid/gid translation is performed, and 73 usr/gen_init_cpio file directives are output. If a directory is 74 specified as an argument to scripts/gen_initramfs_list.sh then the 75 contents of the file are simply copied to the output. All of the output 76 directives from directory scanning and file contents copying are 77 processed by usr/gen_init_cpio. 78 79 See also 'scripts/gen_initramfs_list.sh -h'. 80 81 Where's this all leading? 82 ========================= 83 84 The klibc distribution contains some of the necessary software to make 85 early userspace useful. The klibc distribution is currently 86 maintained separately from the kernel. 87 88 You can obtain somewhat infrequent snapshots of klibc from 89 https://www.kernel.org/pub/linux/libs/klibc/ 90 91 For active users, you are better off using the klibc git 92 repository, at http://git.kernel.org/?p=libs/klibc/klibc.git 93 94 The standalone klibc distribution currently provides three components, 95 in addition to the klibc library: 96 97 - ipconfig, a program that configures network interfaces. It can 98 configure them statically, or use DHCP to obtain information 99 dynamically (aka "IP autoconfiguration"). 100 - nfsmount, a program that can mount an NFS filesystem. 101 - kinit, the "glue" that uses ipconfig and nfsmount to replace the old 102 support for IP autoconfig, mount a filesystem over NFS, and continue 103 system boot using that filesystem as root. 104 105 kinit is built as a single statically linked binary to save space. 106 107 Eventually, several more chunks of kernel functionality will hopefully 108 move to early userspace: 109 110 - Almost all of init/do_mounts* (the beginning of this is already in 111 place) 112 - ACPI table parsing 113 - Insert unwieldy subsystem that doesn't really need to be in kernel 114 space here 115 116 If kinit doesn't meet your current needs and you've got bytes to burn, 117 the klibc distribution includes a small Bourne-compatible shell (ash) 118 and a number of other utilities, so you can replace kinit and build 119 custom initramfs images that meet your needs exactly. 120 121 For questions and help, you can sign up for the early userspace 122 mailing list at http://www.zytor.com/mailman/listinfo/klibc 123 124 How does it work? 125 ================= 126 127 The kernel has currently 3 ways to mount the root filesystem: 128 129 a) all required device and filesystem drivers compiled into the kernel, no 130 initrd. init/main.c:init() will call prepare_namespace() to mount the 131 final root filesystem, based on the root= option and optional init= to run 132 some other init binary than listed at the end of init/main.c:init(). 133 134 b) some device and filesystem drivers built as modules and stored in an 135 initrd. The initrd must contain a binary '/linuxrc' which is supposed to 136 load these driver modules. It is also possible to mount the final root 137 filesystem via linuxrc and use the pivot_root syscall. The initrd is 138 mounted and executed via prepare_namespace(). 139 140 c) using initramfs. The call to prepare_namespace() must be skipped. 141 This means that a binary must do all the work. Said binary can be stored 142 into initramfs either via modifying usr/gen_init_cpio.c or via the new 143 initrd format, an cpio archive. It must be called "/init". This binary 144 is responsible to do all the things prepare_namespace() would do. 145 146 To maintain backwards compatibility, the /init binary will only run if it 147 comes via an initramfs cpio archive. If this is not the case, 148 init/main.c:init() will run prepare_namespace() to mount the final root 149 and exec one of the predefined init binaries. 150 151 Bryan O'Sullivan <email@example.com>