From: "Vladimir 'φ-coder/phcoder' Serbinenko" <phcoder@gmail.com>
To: grub-devel@gnu.org
Subject: Re: kexec GRUB, multiboot port and qemu
Date: Wed, 05 Sep 2012 07:45:02 +0200 [thread overview]
Message-ID: <5046E6DE.5050907@gmail.com> (raw)
In-Reply-To: <20120826233020.GD4286@localhost>
[-- Attachment #1: Type: text/plain, Size: 2404 bytes --]
On 27.08.2012 01:30, Ague Mill wrote:
> Hi!
>
> As a developer working on Tails [1], a live distribution aimed at
> protecting its users' privacy, I am trying to tackle one of our
> long-standing issue: we need to properly overwrite the system memory
> with zeros on shutdown in order to erase traces of the user activity.
>
> Actually, after some long hours of hacking, it looks like GRUB could
> be all what we needed to nail this issue. Have a look at the current
> state of affairs [2] if you are interested in the details.
>
kexec'ing GRUB for this is an overkill it's much easier to have just a
small loop for this. Also note that i386 GRUB is unable to access memory
beyond 4G. It's not a problem for loading kernels but is a problem for
your application.
> [1] https://tails.boum.org/
> [2] https://tails.boum.org/bugs/sdmem_does_not_clear_all_memory/grub/
>
>
> I am currently stuck on how to obtain a standalone GRUB image that could
> be kexec'ed from Linux.
>
> When building an ELF image with the 'pc' port, kexec replies:
>
> Base address: 8200 is not page aligned
>
> The next candidate looked like the 'multiboot' port. But I can't get an
> image that will work in qemu. I have tried to build a strictly minimal
> boot image using the following commands:
>
> ./configure --with-platform=multiboot --target=i386
> make -j4
> ./grub-mkimage -O i386-multiboot -C xz -d ./grub-core \
> -o /tmp/multiboot.img
>
> Here is how I start qemu after:
>
> qemu -kernel /tmp/multiboot.img -vga std -m 256
>
> And I get the following error:
>
> Missing Multiboot memory information
> Aborted.
>
>
qemu has a bug of always putting mbi at 0x9500 even if this location is
used by binary.
> Is there any known working way to test multiboot images?
> Is there a better path to be able to use kexec to load and execute GRUB?
>
>
> I would very much like to offer the `wipe_memory` command for inclusion
> in GRUB (and do the necessary refinements on the patch) once we have
> something that works from one end to the other for Tails.
>
> Thanks for your help,
>
>
>
> _______________________________________________
> Grub-devel mailing list
> Grub-devel@gnu.org
> https://lists.gnu.org/mailman/listinfo/grub-devel
--
Regards
Vladimir 'φ-coder/phcoder' Serbinenko
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 294 bytes --]
next prev parent reply other threads:[~2012-09-05 5:45 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-08-26 23:30 kexec GRUB, multiboot port and qemu Ague Mill
2012-09-05 5:45 ` Vladimir 'φ-coder/phcoder' Serbinenko [this message]
2012-09-05 14:37 ` Ague Mill
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5046E6DE.5050907@gmail.com \
--to=phcoder@gmail.com \
--cc=grub-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.