Re: [Tails-dev] Shipping a 686-pae kernel

Delete this message

Reply to this message
Author: anonym
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Shipping a 686-pae kernel
04/09/12 14:52, intrigeri:
> Hi,
>
> for various reasons (supporting big amounts of RAM, supporting >1 CPU
> core, NX bit), we want to ship a 686-pae kernel in addition to the
> current (486, non-SMP) one we already have, and make the bootloader
> autodetect the most appropriate kernel depending on what the
> CPU supports.
>
> Work towards this started a while ago, but tremendous progress was
> made these last days, thanks to a proof-of-concept by Ague that
> allowed me to jump over one of the remaining blockers and bring the
> feature into a state that I think is worth testing.


Awesome!

> So, I just merged the feature/multikernel branch into experimental.


Built and so far tested in VirtualBox. Seems to work just as expected,
e.g. vmlinuz2 is run, I can see my VM's full 8 GB of RAM and dmesg says
that NX protection is active.

> 2. see if kexec'ing a -686-pae kernel (on hardware that supports it)
>    fixes "sdmem does not clear all memory"


This won't work. Even with PAE, processes cannot have more than 4 GB of
memory (after all, pointers are still 32 bit = 4 GB). The actual limit
seems to still be ~2 GB though since I had to run 4 fillram instances in
parallel to fill my VM's 8 GB of RAM (and even them they got OOM-killed
before all memory was used for some reason). Here's the results:

Memory containing the pattern before wipe: 7,805,189,024 bytes
Memory containing the pattern after wipe: 5,626,755,520 bytes

It's seems we still have to wait for Ague's wipe_memory GRUB module.

Cheers!