lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Mon, 20 Feb 2017 19:46:58 +0100
From:   Daniel Kiper <>
To:     The development of GNU GRUB <>
Cc:     Daniel Kiper <>,
        Juergen Gross <>,
        "Michael S. Tsirkin" <>,
        Matt Fleming <>,,
        Daniel Kiper <>,,, Alexander Graf <>,, "Luis R. Rodriguez" <>,
        Ingo Molnar <>,
        Chao Peng <>,
        Al Viro <>,
        Andy Lutomirski <>,
        Josh Poimboeuf <>,
        Paolo Bonzini <>,
        Thomas Gleixner <>,
        Borislav Petkov <>, Amnon Ilan <>,
        Thomas Garnier <>,
Subject: Re: [RFC PATCH] x86/boot: make ELF kernel multiboot-able

On Thu, Feb 16, 2017 at 09:00:05PM -0800, H. Peter Anvin wrote:
> On 02/16/17 15:27, Daniel Kiper wrote:
> > That is obvious. Do you think that Multiboot/Multiboot2 protocols are
> > substantially suboptimal?
> Yes.  They push a lot of things into the bootloader for no good reason,

I have not seen anything in Multiboot(2) specs which stipulates that every
bootloader must implement all features. If somebody needs minimal Multiboot(2)
compatible bootloader he/she can do that. Just parse Multiboot(2) header and
provide, let's call it in that way, empty boot data. Is it difficult?

> thus tying the kernel's hands and making the whole boot process more
> fragile.

Every kernel may take from the bootloader via Multiboot(2) what it needs.
No more no less. There is no requirement to use all data provided by
the bootloader.

> It isn't either like Grub has been very good about keeping to any spec,
> their own or others.

Could you be more precise?


Powered by blists - more mailing lists