Hi!

As a developer working on Tails [1], a live distribution aimed at
protecting its users' privacy, I am trying to tackle one of our
long-standing issues: we need to properly overwrite the system memory
with zeros on shutdown in order to erase traces of the user activity.

Actually, after some long hours of hacking, it looks like GRUB could
be all that we needed to nail this issue. Have a look at the current
state of affairs [2] if you are interested in the details.

[1] https://tails.boum.org/
[2] https://tails.boum.org/bugs/sdmem_does_not_clear_all_memory/grub/


I am currently stuck on how to obtain a standalone GRUB image that could
be kexec'ed from Linux.

When building an ELF image with the 'pc' port, kexec replies:

    Base address: 8200 is not page aligned

The next candidate looked like the 'multiboot' port. But I can't get an
image that will work in qemu. I have tried to build a strictly minimal
boot image using the following commands:

    ./configure --with-platform=multiboot --target=i386
    make -j4
    ./grub-mkimage -O i386-multiboot -C xz -d ./grub-core \
        -o /tmp/multiboot.img

Here is how I start qemu after:

    qemu -kernel /tmp/multiboot.img -vga std -m 256

And I get the following error:

    Missing Multiboot memory information
    Aborted.


Is there any known working way to test multiboot images?
Is there a better path to be able to use kexec to load and execute GRUB?


I would very much like to offer the `wipe_memory` command for inclusion
in GRUB (and do the necessary refinements on the patch) once we have
something that works from one end to the other for Tails.

Thanks for your help,
-- 
Ague

_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel