grub-devel

Re: does the chainloader command ever return?


From: Vladimir 'φ-coder/phcoder' Serbinenko
Subject: Re: does the chainloader command ever return?
Date: Wed, 21 Dec 2011 11:41:37 +0100
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.24) Gecko/20111114 Icedove/3.1.16


    I want a dual-boot system (windows XP/linux) that normally boots the
    windows XP partition, but if that partition is not yet loaded or horribly
    corrupted, I want grub to automatically boot the other (linux) partition.
I suppose it might be possible to come up with some other way to check
the integrity of the Windows XP boot sector.  It might involve a custom
GRUB module.

For the case of Windows we can do better than that: we can skip the boot sector altogether and load ntldr/bootmgr directly, thus boot sector problems other than the ones which make the partition unreadable (in which case you'll get an FS error) are irrelevant. ntldr/bootmgr isn't thoroughly checked and may be corrupted, in which case we're back to running garbage. However, it's much less likely for the file with a given name on an apparently intact FS to be corrupted than the sector 0 of a partition with unknown FS status.

This problem isn't unique to ntldr/bootmgr; other payloads are affected as well to various degrees. Whether doing more checks is warranted is unclear. Even a perfectly correct image can fail because of corruption in other files or hw issues. While it's theoretically possible to simulate the whole boot to see if it fails, it's not practicable due to the effort and boot time needed. Some simple checks would be good provided that they are fast and don't result in false negatives, but they are unlikely to make a difference.

Checksums and signatures are another story, but unless the checksum is maintained together with or inside the image, it's likely to fail on updates. We could check checksums and signatures on the following payloads:
- Linux (CRC32)
- Solaris (ELF signature)
Something else?

However, signature checking increases the dependencies of loader modules, but it's probably a small price to pay compared to the risk of loading and running a damaged kernel. Bottom line is: you can't check for sure that something will boot; at most you can check that it wasn't damaged after compilation.

--
Regards
Vladimir 'φ-coder/phcoder' Serbinenko
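
The following is an added example, not part of the original message and not GRUB code: a pre-boot integrity check on a payload that carries its CRC-32 inside the image, with fallback to the next entry when the check fails. The trailer convention (initial remainder 0xffffffff, no final XOR, stored little-endian in the last 4 bytes), the function names and the sample payloads are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bitwise reflected CRC-32 (polynomial 0xEDB88320), no final XOR applied. */
static uint32_t crc32_update(uint32_t crc, const uint8_t *p, size_t n)
{
    while (n--) {
        crc ^= *p++;
        for (int k = 0; k < 8; k++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return crc;
}

/* Build step (assumed convention): append the CRC register, little-endian.
 * The checksum travels with the image, so an update replaces both at once. */
size_t image_seal(uint8_t *buf, size_t body_len)
{
    uint32_t crc = crc32_update(0xFFFFFFFFu, buf, body_len);
    for (int i = 0; i < 4; i++)
        buf[body_len + i] = (uint8_t)(crc >> (8 * i));
    return body_len + 4;
}

/* Loader step: the CRC over body plus trailer leaves the register at 0.
 * This shows "not damaged since it was built", not "will boot". */
int image_intact(const uint8_t *buf, size_t len)
{
    return len >= 5 && crc32_update(0xFFFFFFFFu, buf, len) == 0;
}

/* Return the index of the first intact entry, or -1 if none passes. */
int pick_bootable(const uint8_t *imgs[], const size_t lens[], int n)
{
    for (int i = 0; i < n; i++)
        if (image_intact(imgs[i], lens[i])) return i;
    return -1;
}

/* Constructed sample payloads; optionally flip one bit in the first. */
int demo_pick(int corrupt_first)
{
    uint8_t a[32] = "constructed primary payload", b[32] = "constructed fallback payload";
    size_t lens[2] = { image_seal(a, 28), image_seal(b, 28) };
    const uint8_t *imgs[2] = { a, b };
    if (corrupt_first) a[3] ^= 0x01;
    return pick_bootable(imgs, lens, 2);
}

int main(void) { printf("%d %d\n", demo_pick(0), demo_pick(1)); return 0; }
```

A CRC only detects accidental damage; it gives no protection against deliberate modification, which is where the signature checks mentioned above come in.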



