Check out my first novel, midnight's simulacra!

Bogon kernel command line options

From dankwiki
Revision as of 00:18, 13 March 2022 by Dank (talk | contribs)

dankblog! 2022-03-12, 1842 EDT, at the danktower

i was looking at my dmesg output today, wanting to know something about IOMMU, and noticed the following line:

[ 0.015134] Unknown kernel command line parameters "BOOT_IMAGE=/boot/vmlinuz-5.16.13nlb2 mem_encrypt=off intel_iommu=on", will be passed to user space

first off, some basic kernel command line facts:

  • there's a man page, of course: kernel-command-line(7). many options are explained in bootparam(7)
  • an option is prefixed with modname. if it's intended for a module (whether that code has been built as a module, or built into the kernel)
  • options can be specified in modprobe.d(5), but this only works if the code was actually built as a module
  • any unrecognized parameter, and any parameter following "--", is passed to init
  • parameters containing a "=" go into init's environment
  • hyphens and underscores are equivalent

but unrecognized items get this informational line. let's take a look at them:

  • BOOT_IMAGE=/boot/vmlinuz-5.16.13nlb2 this is set by grub since grub 1.91, released 2005-10-15. i'm not sure why, or who consumes it. LILO set this parameter as well, and this might have just been a compatibility thing, so it might be lost in the river of time.
  • mem_encrypt=off this refers to AMD's Secure Memory Encryption extension, allowing per-page transparent encryption. i've got this disabled in my kernel config now (CONFIG_AMD_MEM_ENCRYPT), so it's no longer recognized. i've removed it.
  • intel_iommu=on well duh i don't have an intel in this machine. i want iommu=pt iommu=1

the rest of my command line appears to be valid (inspected at /proc/cmdline):

BOOT_IMAGE=/boot/vmlinuz-5.16.13nlb2 root=UUID=939be09a-b63d-403c-996a-8b9866313fbb ro mem_encrypt=off psi=0 acpi_enforce_resources=lax intel_iommu=on

psi=0 refers to the Pressure Stall Information feedback system introduced in 2018 by Facebook hackers, which you can read about here or here.

anyway, i wasn't aware of this dmesg output (added in 2021-05), but it seems a useful bit of diagnostics. unfuck your kernel command line!

the only crappy element is the low visibility. ideally, a systemd oneshot unit would deliver a potent shock to the operator when this message was detected. constant vigilance!

previously: "on the effectiveness of nonnull" 2021-11-05