| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 04 Oct 2006 02:04:49 -0600 From: ebiederm@...ssion.com (Eric W. Biederman) To: "H. Peter Anvin" <hpa@...or.com> Cc: vgoyal@...ibm.com, Andrew Morton <akpm@...l.org>, linux kernel mailing list <linux-kernel@...r.kernel.org>, Reloc Kernel List <fastboot@...ts.osdl.org>, ebiederm@...ssion.com, ak@...e.de, horms@...ge.net.au, lace@...kratochvil.net, magnus.damm@...il.com, lwang@...hat.com, dzickus@...hat.com, maneesh@...ibm.com Subject: Re: [PATCH 12/12] i386 boot: Add an ELF header to bzImage "H. Peter Anvin" <hpa@...or.com> writes: > Vivek Goyal wrote: >> Hi Andrew, >> Right now I don't have access to my test machine. Tomorrow morning, >> very first thing I am going to try it out with your config file. >> This patch just adds and ELF header to bzImage which is not even used >> by grub. >> > > Oh yes, it will be. See below. > >> So without this patch you are able to boot the kernel on your laptop? > > Danger, Will Robinson. GRUB, Etherboot, and a whole bunch of other boot loaders > will recognize an ELF binary and load it as such. They will typically load it > as an executable (not a relocatable object) -- I doubt many of them check that > appropriate part of the ELF header -- so unless your kernel can be safely loaded > *AND RUN* in that mode this is not going to work. The bzImage be safely loaded run in that mode. The only question is one of arguments. Because there are no standards. For Etherboot we are good. For the insanity that is GRUB I haven't the faintest clue but we should be ok as we don't have a multiboot header. > The entrypoint is going to be a major headache, since the standard kernel is > entered in real mode, whereas an ELF file will typically be entered in protected > mode, quite possibly using the C calling convention to pass the command line as > (argc, argv). God only knows how they're going to deal with an initrd. > > It may very well be that the ELF magic number has to be obfuscated. The entry point that is exported is the kernels protected mode entry point that is used after the real mode code has been run. This is to allow bootloaders like kexec where running the real-mode code is insane or impossible to be used. The calling conventions though are not changed, this is just formalizing something that various groups have been doing for years. Since it is all in the bzImage we still only have a single file format to support, so any bootloader that can load a standard bzImage and run the kernels real mode code should still do it that way but. If you can't the rest of the information is available. Eric - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists