[LinuxBIOS] reliable boot loader
Peter Stuge
stuge-linuxbios at cdy.org
Fri Mar 30 15:01:52 CEST 2007
On Thu, Mar 29, 2007 at 10:02:09PM +0100, Capt Beany wrote:
> The system in question has software raided disk for
> redunancy but this doesnt help when the boot kernel is
> corrupt.
This requires support in the boot loader too.
> What I hope to achieve is that once the boot loader is
> running, it will scan the systems boot devices for
> files containing boot information (the files would
> either be text files with a known extension or binary
> files with a magic number) that contain the
> kernel/ramdisk filenames, the kernel/ramdisk
> checksums, a boot priority and the checksum of the
> file itself.
>
> It should then be possible to select the highest
> priority kernel/ramdisk to boot, checksum it and if
> this checksum fails fall back to the next
> kernel/ramdisk pair.
>
> Does this sound like a reasonable approach to the
> problem ?
That depends on the threat.
If the kernel can be corrupted "on purpose" the checksum could
be changed as well, and this scheme would provide no protection.
For bit errors in the storage the checksum would be fine.
(Or you could get a hardware RAID controller and get that, and better
performance, for less cost than developing the boot loader.)
//Peter
More information about the coreboot
mailing list