From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.71) id 1T5mIN-000200-En for mharc-grub-devel@gnu.org; Sun, 26 Aug 2012 19:31:07 -0400 Received: from eggs.gnu.org ([208.118.235.92]:45583) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1T5mIJ-0001yj-BY for grub-devel@gnu.org; Sun, 26 Aug 2012 19:31:05 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1T5mII-00079g-An for grub-devel@gnu.org; Sun, 26 Aug 2012 19:31:03 -0400 Received: from foxnic.zionetrix.net ([212.85.154.181]:53185) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1T5mII-00079A-3z for grub-devel@gnu.org; Sun, 26 Aug 2012 19:31:02 -0400 Received: by foxnic.zionetrix.net (Postfix, from userid 5001) id ABF05179D0; Mon, 27 Aug 2012 01:30:58 +0200 (CEST) Received: from localhost (tor1.digineo.de [62.141.53.224]) by foxnic.zionetrix.net (Postfix) with ESMTPSA id 7521C17A1F; Mon, 27 Aug 2012 01:30:53 +0200 (CEST) Date: Sun, 26 Aug 2012 23:30:20 +0000 From: Ague Mill To: grub-devel@gnu.org Subject: kexec GRUB, multiboot port and qemu Message-ID: <20120826233020.GD4286@localhost> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="cQXOx3fnlpmgJsTP" Content-Disposition: inline User-Agent: Mutt/1.5.20 (2009-06-14) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-Received-From: 212.85.154.181 X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: The development of GNU GRUB List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Aug 2012 23:31:05 -0000 --cQXOx3fnlpmgJsTP Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi! As a developer working on Tails [1], a live distribution aimed at protecting its users' privacy, I am trying to tackle one of our long-standing issue: we need to properly overwrite the system memory with zeros on shutdown in order to erase traces of the user activity. Actually, after some long hours of hacking, it looks like GRUB could be all what we needed to nail this issue. Have a look at the current state of affairs [2] if you are interested in the details. [1] https://tails.boum.org/ [2] https://tails.boum.org/bugs/sdmem_does_not_clear_all_memory/grub/ I am currently stuck on how to obtain a standalone GRUB image that could be kexec'ed from Linux. When building an ELF image with the 'pc' port, kexec replies: Base address: 8200 is not page aligned The next candidate looked like the 'multiboot' port. But I can't get an image that will work in qemu. I have tried to build a strictly minimal boot image using the following commands: ./configure --with-platform=3Dmultiboot --target=3Di386 make -j4 ./grub-mkimage -O i386-multiboot -C xz -d ./grub-core \ -o /tmp/multiboot.img Here is how I start qemu after: qemu -kernel /tmp/multiboot.img -vga std -m 256 And I get the following error: Missing Multiboot memory information Aborted. Is there any known working way to test multiboot images? Is there a better path to be able to use kexec to load and execute GRUB? I would very much like to offer the `wipe_memory` command for inclusion in GRUB (and do the necessary refinements on the patch) once we have something that works from one end to the other for Tails. Thanks for your help, --=20 Ague --cQXOx3fnlpmgJsTP Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAABCgAGBQJQOrGLAAoJEMr7v5HdHblu74oP/A/J074rhjhU83ymVx5jMSfk baXTp2p1Y3oCsMph4Shq6c1PE7g5KnA3JX9WMWOTwDTPaGOcPtolvo2FN4/CJITP srawAE1zX4X+2/qmhu45M7GbddwaeKFByA7EJ8AT11Gom+hRMYBdnhZk47LXhc0Y fd4cqCe2Ph9Fiy8PzynuO9UcSzwSIErO9yedNQ7E4gwo73aCgEyBPfv9dJPLMytG FosyYTGTycNhKZ5Ehudh3LcvEwQBVNE7m6Ytnk0/a+QjI8sGGFHcy1iaCXZFGMKn fEHBy7swmPL/QxM/blEkzrYxds8IiK2UFoq6hX5UbaEweJB1e76k2D1vOIR/B2at VpOqsb6SGE8WG0oTfAkhq9QAo4Wnns1Y7NAvUrnObhYr6DRPmwfFrJ3TwDhNZKh0 CWl2URsT+N2NEXDgRhB0DVga4NhAL5q95R7+FWQ2ioG/xUQESZb678K4Ix5tYUaF YsW4ACGUNm2R4Xl3naOeST02m+u5xKkcUMteG3SSJSr0w64KzuoQGBslqgUaQR+n q+kHBaRmRMcX5RSY0ba7riWtuSSnQQ+Rh33NJ43Y+rJCJw6VBw8MGylfP44Bf0lO QwNj9QTqPYBOPIISE4MQ9K39L57/XwFtMSVY7q9WzW7yQajVefbKb6HmdZaamh9+ UVFzJQKH9y0K4TiC8Ea7 =BwSo -----END PGP SIGNATURE----- --cQXOx3fnlpmgJsTP--