From: Warner Losh
Date: Wed, 17 Jun 2020 21:40:52 -0600
Subject: Re: CTF: UEFI HTTP boot support
To: "Rodney W. Grimes"
Cc: Maxim Sobolev, Miguel C, Dave Cottlehuber, freebsd-current, Rebecca Cran

On Wed, Jun 17, 2020 at 9:30 PM Rodney W. Grimes <freebsd-rwg@gndrsh.dnsmgr.net> wrote:

> > This is what we have running in AWS right now, kinda proof of concept but
> > it's not that difficult to generalize:
> >
> > [root@ip-172-31-10-188 /usr/local/etc/freeswitch]# mdconfig -lv
> > md0 preload 160M -
> >
> > [root@ip-172-31-10-188 /usr/local/etc/freeswitch]# df
> > Filesystem                    512-blocks    Used  Avail Capacity  Mounted on
> > /dev/ufs/root_20200617071427     1300080 1220480  79600    94%    /
> > devfs                                  2       2      0   100%    /dev
> > /dev/ufs/etc_20200617071427         9912    6384   2736    70%    /etc
> > /dev/ufs/local_20200617071427    2746992 2572144 174848    94%    /usr/local
> > /dev/ufs/boot_20200617071427      389560  361208  28352    93%    /boot
> > tmpfs                              65536     624  64912     1%    /tmp
> > tmpfs                              20480      16  20464     0%    /usr/home/ssp-user
> > tmpfs                             524288  336816 187472    64%    /var
> >
> > Root file system is untrimmed 1.2GB UFS, generated with mkuzip compressed
> > down to 160MB with the UZIP, and pre-loaded along with the kernel. The
> > /usr/local file system is read-only UFS+UZIP images placed directly onto
> > the GPT and probed out with GEOM_LABEL. Out of those only /etc is
> > read-write. The idea here is that the box should theoretically survive
> > total loss of connectivity to both root and the /usr/local storage (or we
> > can replace it on the fly with the new version).
> >
> > [root@ip-172-31-10-188 /usr/local/etc/freeswitch]# mount
> > /dev/ufs/root_20200617071427 on / (ufs, local, read-only)
> > devfs on /dev (devfs, local, multilabel)
> > /dev/ufs/etc_20200617071427 on /etc (ufs, local, synchronous)
> > /dev/ufs/local_20200617071427 on /usr/local (ufs, local, read-only)
> > /dev/ufs/boot_20200617071427 on /boot (ufs, local, read-only)
> > tmpfs on /tmp (tmpfs, local)
> > tmpfs on /usr/home/ssp-user (tmpfs, local)
> > tmpfs on /var (tmpfs, local)
> >
> > Configuration is dead simple:
> >
> > vfs.root.mountfrom="ufs:ufs/root_20200617071427"
> > image_load="YES"
> > image_name="/root.uzp"
> > image_type="mfs_root"
> > autoboot_delay="-1"
> >
> > It takes less than 100 lines of code I think to generate this out of
> > buildworld/buildkernel. 0 third party tools.
> >
> > Replace loading root from disk with loading it from HTTP server and it
> > would work just as good with the only need to load 1 or two files.
>
> I think you're understating several of the stumbling blocks
> that exist here. As Warner pointed out there are some
> pokey sticks around doing this over the net vs. doing this
> from a local disk.
>

BTW, I think this is an excellent area to move from kernel compile options
to kernel env vars that maybe default to the kernel build options for
compat.

And, of course, the sharp bits would be less surprising if well
documented...

Warner
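
The layout quoted above (read-only root, /usr/local and /boot, with only /etc writable on disk, all labelled with one build stamp) can be checked mechanically from `mount` output. The script below is an added example, not part of this message or the thread; the function names are hypothetical and it assumes the FreeBSD `mount` line format shown in the quote, with tmpfs and devfs treated as expected-writable.

```shell
#!/bin/sh
# Added example. Sample input is the `mount` output quoted in the message.
sample_mount() {
cat <<'EOF'
/dev/ufs/root_20200617071427 on / (ufs, local, read-only)
devfs on /dev (devfs, local, multilabel)
/dev/ufs/etc_20200617071427 on /etc (ufs, local, synchronous)
/dev/ufs/local_20200617071427 on /usr/local (ufs, local, read-only)
/dev/ufs/boot_20200617071427 on /boot (ufs, local, read-only)
tmpfs on /tmp (tmpfs, local)
tmpfs on /usr/home/ssp-user (tmpfs, local)
tmpfs on /var (tmpfs, local)
EOF
}

# Print mount points of disk-backed filesystems that are not read-only.
# Assumption: tmpfs and devfs are memory-backed and expected to be writable.
writable_disk_mounts() {
    awk '{
        lp = index($0, " (")            # start of "(fstype, opt, ...)"
        if (lp == 0) next
        head = substr($0, 1, lp - 1)    # "<device> on <mountpoint>"
        opts = substr($0, lp + 2)
        sub(/\)$/, "", opts)
        mp = substr(head, index(head, " on ") + 4)
        n = split(opts, o, /, */)
        if (o[1] == "tmpfs" || o[1] == "devfs") next
        ro = 0
        for (i = 2; i <= n; i++) if (o[i] == "read-only") ro = 1
        if (!ro) print mp
    }'
}

# Print the distinct build stamps carried in /dev/ufs/<name>_<stamp> labels.
# More than one line means images from different builds are mounted together.
image_stamps() {
    awk '$1 ~ /^\/dev\/ufs\// { n = split($1, a, "_"); print a[n] }' | sort -u
}

# Succeed only if the writable disk mounts are exactly those in $1
# (space-separated, sorted) and every labelled image has the same stamp.
check_layout() {
    input=$(cat)
    rw=$(printf '%s\n' "$input" | writable_disk_mounts | sort | tr '\n' ' ')
    stamps=$(printf '%s\n' "$input" | image_stamps | wc -l | tr -d ' ')
    [ "${rw% }" = "$1" ] && [ "$stamps" -eq 1 ]
}

sample_mount | check_layout "/etc" && echo "layout OK"
```

On a live system, pipe the real `mount` output into `check_layout "/etc"` instead of the embedded sample.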