In message <20060221193107.GD25763@netbsd.org>,
Bill Studenmund writes:


>Uhm, you and a few other folks have talked about embedded systems in this
>manner, and I really don't understand it. If you are doing embedded system
>work, WTF is your root file system actually coming off of the boot media?
>
>My experience is that it's far saner to do something like what NetBSD does
>for install kernels. Put the root file system (with all the binaries) in
>the kernel. Then mount the boot media somewhere and have symlinks from
>/etc and such into that directory. Since everything you execute came with
>the kernel, you do not have binary versioning issues (though you still
>have configuration versioning issues).

Yup.

I can't speak for der Mouse, but I do both the above and more: root
filesystem in MFS, much as for install kernels; *and* no LKM support,
*and* mounting filesystems write-xor-execute.

Plus whatever approximation of non-executable stack is feasible. And
static-linked executables (or crunched sets) for externally-visible
userland code, to limit return-into-libc vulnerability.
I suspect Thor takes a similar approach.


>That said, a static kernel is porbably still better. Files take up space
>on the root file system (in memory), and loading an LKM would then need
>that duplicated into KVM. So loaded modules would take up twice the space.

Yes, quite.  That said, there's almost as many way to set up embedded
systems as there are embedded systems. The root-in-mfs approach may
not be best for all.