Linux is an interpreter
a day ago
- #initrd
- #linux
- #kexec
- The author analyzes a mysterious command 'curl https://astrid.tech/rkx.gz | gunzip | sudo sh', revealing it as a shell script that extracts a kernel and initrd via base64 and cpio.
- The initrd script recursively uses kexec to replace the current kernel with a new one, acting as a tail-call-optimized recursive function.
- Linux is described as an interpreter for initrds, similar to how shell or Python interpreters work, with ELF files also being interpreted via ld.so.
- The article explores executing cpio files directly using binfmt_misc to register a custom interpreter (e.g., QEMU or a kexec-based script).
- A modified initrd is presented that registers a cpio interpreter and executes itself, creating a loop where the interpreter is the kernel of the next reboot.