As the author said in the comment of util-linux/switch_root.c, current implementation leaves the mount point of new root-file-system without rmdir(). As long as I experimented on a linux kernel, current process of "/" still points old root-file-system even "/" is overmounted. So we can still access and zap ititramfs after the directory is free from mount point.
The patch below should zap the last directory left in the initramfs. It only swaps the timings of overmount and zapping. diff -Naur busybox-1.31.0.org/util-linux/switch_root.c busybox-1.31.0/util-linux/switch_root.c --- busybox-1.31.0.org/util-linux/switch_root.c 2019-07-18 23:18:54.791346155 +0900 +++ busybox-1.31.0/util-linux/switch_root.c 2019-07-18 23:21:33.867785730 +0900 @@ -257,14 +257,14 @@ } if (!dry_run) { - // Zap everything out of rootdev - delete_contents("/", rootdev); - // Overmount / with newdir and chroot into it if (mount(".", "/", NULL, MS_MOVE, NULL)) { // For example, fails when newroot is not a mountpoint bb_perror_msg_and_die("error moving root"); } + + // Zap everything out of rootdev + delete_contents("/", rootdev); } xchroot("."); // The chdir is needed to recalculate "." and ".." links
diff -Naur busybox-1.31.0.org/util-linux/switch_root.c busybox-1.31.0/util-linux/switch_root.c --- busybox-1.31.0.org/util-linux/switch_root.c 2019-07-18 23:18:54.791346155 +0900 +++ busybox-1.31.0/util-linux/switch_root.c 2019-07-18 23:21:33.867785730 +0900 @@ -257,14 +257,14 @@ } if (!dry_run) { - // Zap everything out of rootdev - delete_contents("/", rootdev); - // Overmount / with newdir and chroot into it if (mount(".", "/", NULL, MS_MOVE, NULL)) { // For example, fails when newroot is not a mountpoint bb_perror_msg_and_die("error moving root"); } + + // Zap everything out of rootdev + delete_contents("/", rootdev); } xchroot("."); // The chdir is needed to recalculate "." and ".." links
_______________________________________________ busybox mailing list busybox@busybox.net http://lists.busybox.net/mailman/listinfo/busybox