grub-devel.gnu.org archive mirror
From: "Vladimir 'φ-coder/phcoder' Serbinenko" <phcoder@gmail.com>
To: grub-devel@gnu.org
Subject: Re: does the chainloader command ever return?
Date: Wed, 21 Dec 2011 11:41:37 +0100
Message-ID: <4EF1B7E1.30803@gmail.com>
In-Reply-To: <20111218222435.GF24811@riva.dynamic.greenend.org.uk>


>>     I want a dual-boot system (windows XP/linux) that normally boots the
>>     windows XP partition, but if that partition is not yet loaded or horribly
>>     corrupted, I want grub to automatically boot the other (linux) partition.
> I suppose it might be possible to come up with some other way to check
> the integrity of the Windows XP boot sector.  It might involve a custom
> GRUB module.
>
For the case of Windows we can do better than that: we can skip the boot 
sector altogether and load ntldr/bootmgr directly, thus bootsector 
problems other than the ones which make the partition unreadable (in which 
case you'll get an FS error) are irrelevant. ntldr/bootmgr isn't thoroughly 
checked and may be corrupted, in which case we're back to running 
garbage. However, it's much less likely for the file with a given name on 
an apparently intact FS to be corrupted than the sector 0 of a partition 
with unknown FS status. This problem isn't unique to ntldr/bootmgr but 
other payloads are affected as well to various degrees.
Whether doing more checks is warranted is unclear. Even a perfectly 
correct image can fail because of corruption in other files or hw 
issues. While it's theoretically possible to simulate the whole boot to 
see if it fails, it's not practicable due to the effort and boot time 
needed. Some simple checks would be good provided that they are fast and 
don't result in false negatives but are unlikely to make a difference. 
Checksums and signatures are another story but unless it's maintained 
together with or inside the image, it's likely to fail on updates. We 
could check checksums and signatures on the following payloads:
- Linux (CRC32)
- Solaris (ELF signature)
Something else?
However, signature checking increases the dependencies of loader modules 
but it's probably a small price to pay compared to the risk of loading and 
running a damaged kernel.
Bottom line is: you can't check for sure that something will boot, at 
most you can check that it wasn't damaged after compilation.

-- 
Regards
Vladimir 'φ-coder/phcoder' Serbinenko
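
The remark above about a checksum being maintained "together with or inside the image" can be illustrated with a short added example (not part of the original message, and not GRUB or kernel code): a constructed payload format carries its CRC-32 as a trailer, so the check travels with the image across an update, while a checksum recorded separately at install time goes stale. The names `seal_image`, `embedded_ok` and `run_scenario` and the payload strings are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Raw CRC-32 register: reflected polynomial 0xEDB88320, initial value
   0xffffffff, no final XOR. */
static uint32_t crc32_raw(const uint8_t *p, size_t n)
{
    uint32_t r = 0xffffffffu;
    while (n--) {
        r ^= *p++;
        for (int k = 0; k < 8; k++)
            r = (r >> 1) ^ (0xEDB88320u & (0u - (r & 1u)));
    }
    return r;
}

/* Build side: append the CRC of buf[0..n) little-endian, return new length.
   The caller provides 4 spare bytes. */
static size_t seal_image(uint8_t *buf, size_t n)
{
    uint32_t c = crc32_raw(buf, n);
    for (int i = 0; i < 4; i++)
        buf[n + i] = (uint8_t)(c >> (8 * i));
    return n + 4;
}

/* Loader side: feeding the trailer back in drives the register to 0. */
static int embedded_ok(const uint8_t *img, size_t n)
{
    return n >= 4 && crc32_raw(img, n) == 0;
}

/* Constructed scenario; returns one bit per check that passed. */
static unsigned run_scenario(void)
{
    uint8_t v1[32] = "kernel image, build 1";   /* constructed payloads */
    uint8_t v2[32] = "kernel image, build 2";
    size_t len = strlen((const char *)v1);      /* same length for both */
    uint32_t recorded = crc32_raw(v1, len);     /* detached value, taken at install */
    size_t n1 = seal_image(v1, len), n2 = seal_image(v2, len);
    unsigned r = 0;
    r |= (unsigned)embedded_ok(v1, n1) << 0;              /* original image */
    r |= (unsigned)embedded_ok(v2, n2) << 1;              /* updated image */
    r |= (unsigned)(crc32_raw(v2, len) == recorded) << 2; /* stale detached value */
    v2[3] ^= 0x10;                                        /* simulate damage */
    r |= (unsigned)embedded_ok(v2, n2) << 3;
    return r;                                             /* 0x3: only bits 0 and 1 */
}

int main(void) { return run_scenario() == 0x3 ? 0 : 1; }
```

A passing embedded check only shows that the bytes match what the build produced; as the message says, it does not show that the image will boot.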




Thread overview: 3+ messages
2011-12-06 16:47 does the chainloader command ever return? Loving, Kent
2011-12-18 22:24 ` Colin Watson
2011-12-21 10:41   ` Vladimir 'φ-coder/phcoder' Serbinenko [this message]
