| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAAhV-H6MnutZughoES5z_vuZq3PErqMjcJrNEYO+kQLcCQd=sw@mail.gmail.com> Date: Sun, 13 Jul 2025 17:11:20 +0800 From: Huacai Chen <chenhuacai@...nel.org> To: Greg KH <gregkh@...uxfoundation.org> Cc: Huacai Chen <chenhuacai@...ngson.cn>, Andrew Morton <akpm@...ux-foundation.org>, linux-mm@...ck.org, Alexander Viro <viro@...iv.linux.org.uk>, Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>, linux-kernel@...r.kernel.org, stable@...r.kernel.org Subject: Re: [PATCH] init: Handle bootloader head in kernel parameters On Sun, Jul 13, 2025 at 4:30 PM Greg KH <gregkh@...uxfoundation.org> wrote: > > On Sat, Jul 12, 2025 at 11:18:44PM +0800, Huacai Chen wrote: > > On Fri, Jul 11, 2025 at 9:04 PM Greg KH <gregkh@...uxfoundation.org> wrote: > > > > > > On Fri, Jul 11, 2025 at 08:51:28PM +0800, Huacai Chen wrote: > > > > On Fri, Jul 11, 2025 at 8:41 PM Greg KH <gregkh@...uxfoundation.org> wrote: > > > > > > > > > > On Fri, Jul 11, 2025 at 08:34:25PM +0800, Huacai Chen wrote: > > > > > > Hi, Greg, > > > > > > > > > > > > On Fri, Jul 11, 2025 at 7:06 PM Greg KH <gregkh@...uxfoundation.org> wrote: > > > > > > > > > > > > > > On Fri, Jul 11, 2025 at 06:24:55PM +0800, Huacai Chen wrote: > > > > > > > > BootLoader may pass a head such as "BOOT_IMAGE=/boot/vmlinuz-x.y.z" to > > > > > > > > kernel parameters. But this head is not recognized by the kernel so will > > > > > > > > be passed to user space. However, user space init program also doesn't > > > > > > > > recognized it. > > > > > > > > > > > > > > Then why is it on the kernel command line if it is not recognized? > > > > > > UEFI put it at the beginning of the command line, you can see it from > > > > > > /proc/cmdline, both on x86 and LoongArch. > > > > > > > > > > Then fix UEFI :) > > > > > > > > > > My boot command line doesn't have that on x86, perhaps you need to fix > > > > > your bootloader? > > > > Not only UEFI, Grub also do this, for many years, not now. I don't > > > > know why they do this, but I think at least it is not a bug. For > > > > example, maybe it just tells user the path of kernel image via > > > > /proc/cmdline. > > > > > > > > [chenhuacai@...nelserver linux-official.git]$ uname -a > > > > Linux kernelserver 6.12.0-84.el10.x86_64 #1 SMP PREEMPT_DYNAMIC Tue > > > > May 13 13:39:02 UTC 2025 x86_64 GNU/Linux > > > > [chenhuacai@...nelserver linux-official.git]$ cat /proc/cmdline > > > > BOOT_IMAGE=(hd0,gpt2)/vmlinuz-6.12.0-84.el10.x86_64 > > > > root=UUID=c8fcb11a-0f2f-48e5-a067-4cec1d18a721 ro > > > > crashkernel=2G-64G:256M,64G-:512M > > > > resume=UUID=1c320fec-3274-4b5b-9adf-a06 > > > > 42e7943c0 rhgb quiet > > > > > > Sounds like a bootloader bug: > > > > > > $ cat /proc/cmdline > > > root=/dev/sda2 rw > > > > > > I suggest fixing the issue there, at the root please. > > Grub pass BOOT_IMAGE for all EFI-based implementations, related commits of Grub: > > https://cgit.git.savannah.gnu.org/cgit/grub.git/commit/?id=16ccb8b138218d56875051d547af84410d18f9aa > > https://cgit.git.savannah.gnu.org/cgit/grub.git/commit/?id=25953e10553dad2e378541a68686fc094603ec54 > > From 2005 and 2011? Why have we not had any reports of this being an > issue before now? What changed in the kernel recently? As said before, just in some corner cases it causes problems, but corner case doesn't means nothing. > > > Linux kernel treats BOOT_IMAGE as an "offender" of unknown command > > line parameters, related commits of kernel: > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=86d1919a4fb0d9c115dd1d3b969f5d1650e45408 > > So in 2021 we started printing out command line arguments that were > "wrong", so is this when everyone noticed that grub was wrong? Somebody may think a warning is harmless, somebody thinks a warning means a problem needs to fix. > > > There are user space projects that search BOOT_IMAGE from /proc/cmdline: > > https://github.com/linuxdeepin/deepin-ab-recovery/blob/master/util.go > > (search getBootOptions) > > https://github.com/linuxdeepin/deepin-ab-recovery/blob/master/main.go > > (search getKernelReleaseWithBootOption) > > What does it use these options for that it can't get from the valid ones > instead? Some projects have fallback methods, some projects don't work, but at least this means some user space programs depend on it already. > > > So, we can say Grub pass BOOT_IMAGE is reasonable and there are user > > space programs that hope it be in /proc/cmdline. > > But who relies on this that never noticed the kernel complaining about > it for the past 4 years? So If I'm the first man who notices this and wants to improve something, then it is my mistake? > > > But BOOT_IMAGE should not be passed to the init program. Strings in > > cmdline contain 4 types: BootLoader head (BOOT_IMAGE, kexec, etc.), > > kernel parameters, init parameters, wrong parameters. > > Then fix grub to not do this. > > > The first type is handled (ignored) by this patch, the second type is > > handled (consumed) by the kernel, and the last two types are passed to > > user space. > > That's not obvious in this patch at all. If you are doing different > things, make it separate patches. > > And again, fix grub. > > > If the first type is also passed to user space, there are meaningless > > warnings, and (maybe) cause problems with the init program. > > So it's been causing problems for all these years (i.e. since 2005)? > > What changed that is causing this to be an issue now, and again, why not > just fix grub? Corner cases have had problems since 2005, and just because they are corner cases, they are not noticed by everyone. But once they are noticed, they need to be fixed. We cannot change Grub (LILO do the same thing) now, because user space relies on it already. Huacai > > thanks, > > greg k-h
Powered by blists - more mailing lists