From: Alexander Sverdlin <[email protected]>
The bootparam parsing loop uses "eval" to set shell variables from
kernel command line parameters. Since eval interprets its argument as
shell code, a crafted boot parameter such as:
rootdelay=1";command;"
would be executed as arbitrary shell code during early init.
Replace the eval-based parser with a single sed invocation that
tokenizes /proc/cmdline (respecting double-quoted values) and feeds the
result to a while-read loop that uses only "export" for variable
assignment, which never interprets the value as code.
The sed script works as follows:
- Split the line at unquoted spaces into one token per line. The regex
treats sequences of non-space/non-quote chars, balanced "..." pairs,
and lone " (for mid-value quotes) as atomic units that are never split.
- Strip outer quotes from whole-param-quoted tokens ("param=val").
- Strip balanced quotes around parameter values (key="val" -> key=val).
- Replace . and - with _ in parameter names (the key part before =),
iterating until none remain.
- Print each processed token and loop (P/D).
Additional benefits:
- Whitespace inside quoted values is now preserved exactly as specified
(the for-loop word-splitting collapsed multiple spaces)
- Reduced from 3+ sed/cut invocations per parameter to a single sed
process for the entire command line
Co-developed-by: GitHub Copilot (Claude)
Signed-off-by: Alexander Sverdlin <[email protected]>
---
.../initrdscripts/initramfs-framework/init | 61 ++++++++-----------
1 file changed, 24 insertions(+), 37 deletions(-)
diff --git a/meta/recipes-core/initrdscripts/initramfs-framework/init
b/meta/recipes-core/initrdscripts/initramfs-framework/init
index 67590ad765..97ec62e2da 100755
--- a/meta/recipes-core/initrdscripts/initramfs-framework/init
+++ b/meta/recipes-core/initrdscripts/initramfs-framework/init
@@ -92,43 +92,30 @@ if [ -d $EFI_DIR ];then
fi
# populate bootparam environment
-for p in `cat /proc/cmdline`; do
- if [ -n "$quoted" ]; then
- p_rstripped=${p%\"}
- value="$value $p_rstripped"
- if [ "$p_rstripped" != "$p" ]; then
- # End of a opt="word1 word2..." parameter
- eval "bootparam_${quoted}=\"${value}\""
- unset quoted
- fi
- continue
- fi
-
- opt=`echo $p | cut -d'=' -f1`
- opt=`echo $opt | sed -e 'y/.-/__/'`
- if [ "`echo $p | cut -d'=' -f1`" = "$p" ]; then
- # opt parameter
- eval "bootparam_${opt}=true"
- else
- value="`echo $p | cut -d'=' -f2-`" # Option value
- value_lstripped=${value#\"}
- value_rstripped=${value%\"}
-
- if [ "$value_lstripped" != "$value" ] && [ "$value_rstripped"
!= "$value" ]; then
- # opt="value" parameter
- eval "bootparam_${opt}=${value_lstripped%\"}"
- continue
- fi
-
- if [ "$value_lstripped" != "$value" ]; then
- # Start of a opt="word1 word2..." parameter
- quoted=${opt}
- value=${value_lstripped}
- continue
- fi
- eval "bootparam_${opt}=\"${value}\""
- fi
-done
+while IFS= read -r token; do
+ case "$token" in
+ *=*)
+ opt="${token%%=*}"
+ value="${token#*=}"
+ ;;
+ *)
+ opt="$token"
+ value="true"
+ ;;
+ esac
+ export "bootparam_${opt}=${value}"
+done <<EOF
+$(sed -E '
+s/^(([^ "]*|"[^"]*"|")*) +/\1\
+/
+s/^"(.*)"$/\1/
+s/^([^=]*)="(.*)"/\1=\2/
+:k
+s/^([^=.-]*)[.-]/\1_/
+tk
+P
+D' /proc/cmdline)
+EOF
# use /dev with devtmpfs
if grep -q devtmpfs /proc/filesystems; then
--
2.52.0
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#237294):
https://lists.openembedded.org/g/openembedded-core/message/237294
Mute This Topic: https://lists.openembedded.org/mt/119387617/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
