From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.71) id 1T98QN-0005pO-DK for mharc-grub-devel@gnu.org; Wed, 05 Sep 2012 01:45:15 -0400 Received: from eggs.gnu.org ([208.118.235.92]:56155) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1T98QK-0005pI-Hk for grub-devel@gnu.org; Wed, 05 Sep 2012 01:45:13 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1T98QJ-00062a-CQ for grub-devel@gnu.org; Wed, 05 Sep 2012 01:45:12 -0400 Received: from mail-we0-f169.google.com ([74.125.82.169]:63012) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1T98QJ-00061l-4N for grub-devel@gnu.org; Wed, 05 Sep 2012 01:45:11 -0400 Received: by weys10 with SMTP id s10so119443wey.0 for ; Tue, 04 Sep 2012 22:45:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-enigmail-version:content-type; bh=OQAKI8uBShhSfF52DMNo1hOwgURjGgVf2bRoM5sEKAY=; b=LLR48tJbNbPFBPCJcix6UusnxNapZ38n34AU/TAv01vjXDXD//erSKjKoBHJaz91Az UpwNC3e5YbHL5Rfz8M43eyjoo5ogXkFLeQANF3JzYfzwRZ+YTAr+UcPuTHbIyvdYIfCd phFetXGJFcCw7k0ZFtkb8i3rIkSkdnq8W1bv8zzYf915qbL2wg9hORw2luFbqfEjfK6e ppP3W2u12o5WJ/IRgbXKIwzYYnwZg8g53sE70D8t9C8XHtroom5cSI8gfgvxXGlNg5JD sNRkyX3tVnl4snHQIvMpUbOV7DqWvTxMbSZvJKp9epyubGDh0JgqACCt/I3NYBnDnw16 xQIg== Received: by 10.180.74.33 with SMTP id q1mr35450573wiv.4.1346823909943; Tue, 04 Sep 2012 22:45:09 -0700 (PDT) Received: from debian.x201.phnet (51-233.197-178.cust.bluewin.ch. [178.197.233.51]) by mx.google.com with ESMTPS id el6sm27411809wib.8.2012.09.04.22.45.08 (version=TLSv1/SSLv3 cipher=OTHER); Tue, 04 Sep 2012 22:45:08 -0700 (PDT) Message-ID: <5046E6DE.5050907@gmail.com> Date: Wed, 05 Sep 2012 07:45:02 +0200 From: =?UTF-8?B?VmxhZGltaXIgJ8+GLWNvZGVyL3BoY29kZXInIFNlcmJpbmVua28=?= User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.6esrpre) Gecko/20120817 Icedove/10.0.6 MIME-Version: 1.0 To: grub-devel@gnu.org Subject: Re: kexec GRUB, multiboot port and qemu References: <20120826233020.GD4286@localhost> In-Reply-To: <20120826233020.GD4286@localhost> X-Enigmail-Version: 1.4.1 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig43B64DB1D0A5139C7D2E6866" X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 74.125.82.169 X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: The development of GNU GRUB List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Sep 2012 05:45:13 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig43B64DB1D0A5139C7D2E6866 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 27.08.2012 01:30, Ague Mill wrote: > Hi! >=20 > As a developer working on Tails [1], a live distribution aimed at > protecting its users' privacy, I am trying to tackle one of our > long-standing issue: we need to properly overwrite the system memory > with zeros on shutdown in order to erase traces of the user activity. >=20 > Actually, after some long hours of hacking, it looks like GRUB could > be all what we needed to nail this issue. Have a look at the current > state of affairs [2] if you are interested in the details. >=20 kexec'ing GRUB for this is an overkill it's much easier to have just a small loop for this. Also note that i386 GRUB is unable to access memory beyond 4G. It's not a problem for loading kernels but is a problem for your application. > [1] https://tails.boum.org/ > [2] https://tails.boum.org/bugs/sdmem_does_not_clear_all_memory/grub/ >=20 >=20 > I am currently stuck on how to obtain a standalone GRUB image that coul= d > be kexec'ed from Linux. >=20 > When building an ELF image with the 'pc' port, kexec replies: >=20 > Base address: 8200 is not page aligned >=20 > The next candidate looked like the 'multiboot' port. But I can't get an= > image that will work in qemu. I have tried to build a strictly minimal > boot image using the following commands: >=20 > ./configure --with-platform=3Dmultiboot --target=3Di386 > make -j4 > ./grub-mkimage -O i386-multiboot -C xz -d ./grub-core \ > -o /tmp/multiboot.img >=20 > Here is how I start qemu after: >=20 > qemu -kernel /tmp/multiboot.img -vga std -m 256 >=20 > And I get the following error: >=20 > Missing Multiboot memory information > Aborted. >=20 >=20 qemu has a bug of always putting mbi at 0x9500 even if this location is used by binary. > Is there any known working way to test multiboot images? > Is there a better path to be able to use kexec to load and execute GRUB= ? >=20 >=20 > I would very much like to offer the `wipe_memory` command for inclusion= > in GRUB (and do the necessary refinements on the patch) once we have > something that works from one end to the other for Tails. >=20 > Thanks for your help, >=20 >=20 >=20 > _______________________________________________ > Grub-devel mailing list > Grub-devel@gnu.org > https://lists.gnu.org/mailman/listinfo/grub-devel --=20 Regards Vladimir '=CF=86-coder/phcoder' Serbinenko --------------enig43B64DB1D0A5139C7D2E6866 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iF4EAREKAAYFAlBG5t4ACgkQNak7dOguQgm5iwD/ZrgQtKvEo+q+/SdVr1JNPAga W/yXRGhgSrwCNDBg6vABAMB5NYBFw2MDCOb/bQURL5ZXhyIhqqDPR/87Vx+NSAIv =CqT8 -----END PGP SIGNATURE----- --------------enig43B64DB1D0A5139C7D2E6866--