Reputation: 480
Linux Kernel init fails in encrypted filesystem
I am trying to make a linux os with encrypted filesystem for the whole OS (boot,kernel,root,...)
I modified EXT4 filesystem's read and write functions. after running a lot of tests everything read and write work fine.
EDIT:
my change is a simple XOR to file contents.
my tests include reading/writing text files, tar archive creation/deletion, sound and videofile creation/copying/deletion and some stress tests.
this is dmesg says when trying to run a binary:
traps: a.out[2765] trap invalid opcode ip:400e73 sp:7ffc9f3d6f10 error:0 in a.out[400000+b4000]
next step was to boot a simple linux based OS on this encrypted filesystem, I modified GRUB 2 bootloader so it cat boot the kernel from encrypted disk. then I faced this problem:
- grub can load linux kernel and kernel boots, but when it tries to run the init proccess I get kernel panic with the message: "init Not tained".
I can see from previous messages that filesystem is loaded by kernel and it is actually reading init file but refuses to run init.
my question is: is kernel reading init file in any other way than using standard read system call? is there something I am doing wrong here?
Any help would be greatly appreciated
EDIT:
now the question is:
how can I decrypt the data that kernel uses by mapping memory?
Upvotes: 1
Views: 364
Answers (1)
Reputation:
The kernel will map the init binary to memory (i.e, using mmap()) to execute it. If you have only tested read(), this is quite possibly where your filesystem is failing.
Upvotes: 2
Related Questions
- missing superblock on encrypted filesystem
- Using initramfs to load keys and setup IMA/EVM during early boot
- dropbear-initramfs can't find modprobe and blkid
- initramfs has no modules
- Read only Initramfs Linux system
- In-file encrypted filesystem
- Modify/Set root device in initramfs script
- Linux boot process -- iniramfs & root (\)
- Initramfs built into custom Linux kernel is not running
- Use of inode fields for storing encryption key of the file