RE: [PATCH v2 RESEND] x86/kaslr: Ingest nokaslr to avoid passing it to init process

[Nir Lichtman]

 > On Tue, Jan 14, 2025 at 03:02:34PM +0000, Nir Lichtman wrote:
> > Yes indeed, when I made an initramfs with cpio and put a static bash
> > build as ./init, It got the nokaslr as the first argument and crashed,
> > this causes a general panic since the init process crashed.
> >
> > This behavior of passing unrecognized params to the init process is
> > documented in the kernel docs, and also in the corresponding warning
> > message.
> 
> So you must be doing something special because all of our systems are
> running fine with "nokaslr". As said, stuff would be breaking left'n'right if this
> were really a problem.

To make sure tested it again and it indeed causes a panic in this scenario,
Here are the commands I used for my setup (on Debian x86_64):

apt download bash-static
dpkg -x bash-static_5.2.15-2+b7_amd64.deb .
mv bin/bash-static init
echo init | cpio -H newc -o > init.cpio
make defconfig
make -j 4
qemu-system-x86_64 -kernel arch/x86/boot/bzImage \
-initrd ~/fun/init.cpio -append nokaslr

The "nokaslr" gets passed into bash which causes it to exit, which in turn
causes Linux to panic. Works fine when not passing "nokaslr".

Anyway, I agree that this is a special setup and hence the problem is
not critical, at the time I originally sent this I thought it was more of a
big deal, but now I just tend to work with more minimal kernel configs and in
this case just have KASLR disabled. But still I personally think it would be
more clean to have this fixed, when I have some more time I'll take a look
at what you suggested around the unknown boot parameters handling.

Thanks,
Nir

> 
> --
> Regards/Gruss,
>     Boris.