Bug#756593: busybox's switch_root makes read-only NFS root read/write

[Michael Tokarev <mjt@tls.msk.ru>]

Control: tag -1 + moreinfo

31.07.2014 11:56, Zimmermann, Alexander wrote:
> Package: busybox
> Version: 1:1.22.0-6
> Severity: important
> 
> Dear Maintainer,
> 
> we have a PXE environments in our lab, where we boot both physical boxes
> and XEN machines via NFS from one centralized Debian SID image. While
> the kernel/initramfs mounts the image correctly read only (I set a
> breakpoint just before switch_root get invoked) (see [1]), makes
> switch_root the NFS root read/write (see [2]).

Very interesting.

I can't reproduce this behavor here.  I use remote root a lot,
also with PXE booting, and never saw a read-write root after
switch_root run.

Looking at the source, it only does one mount(2) syscall:

        // Overmount / with newdir and chroot into it
        if (mount(".", "/", NULL, MS_MOVE, NULL)) {
                // For example, fails when newroot is not a mountpoint
                bb_perror_msg_and_die("error moving root");

and that's about it.  So unless the kernel is broken, it
should not result in changing the mount flags in any way.

And it definitely doesn't change flags when switch_root'ing to
a regular ext4 or other local filesystem (in a regular initramfs
which is used by almost all debian systems).

Maybe you can describe your environment a bit more?
Where do you set breakpoints?

Thanks,

/mjt