LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices



Reply
 
Search this Thread
Old 10-06-2007, 02:29 PM   #1
nikhil86
LQ Newbie
 
Registered: Apr 2007
Posts: 17

Rep: Reputation: 0
how do i make a prgram load into RAM before the OS boots?


Hi!
I want to perform integrity checking on my OS files before my computer boots up.
For this, i want to know how i can get my own prog to load into memory so that it can check the compressed kernel image "vmlinuz"...
pls help.
For the checking, i plan to use a dbm database that stores the SHA1 hashes for all the files i want to authenticate....so i need to load that database into RAM also...

Nikhil.
 
Old 10-06-2007, 02:55 PM   #2
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,005
Blog Entries: 11

Rep: Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903
Mate, you're about to write your own OS :}

Think about it: you'll need to implement low level I/O
to get partition info, implement the Linux file-systems
you want to check, ...


Cheers,
Tink
 
Old 10-06-2007, 03:43 PM   #3
okmyx
Member
 
Registered: May 2004
Location: Cornwall, UK
Distribution: Ubuntu 8.04
Posts: 464

Rep: Reputation: 31
You could build your own bootable CD distribution, customized startup script could do the necessary hash comparisons etc.

But to be honest if your that paranoid about changes being made to files why don't you have your system files boot from CD and have your user files stored on the HD.
 
Old 10-06-2007, 04:54 PM   #4
gnashley
Amigo developer
 
Registered: Dec 2003
Location: Germany
Distribution: Slackware
Posts: 4,775

Rep: Reputation: 481Reputation: 481Reputation: 481Reputation: 481Reputation: 481
If you onyl want to check files that are contained in the filesystem you could boot using an initrd which would do all that before mounting the root partition.
However, you state that you want to verify the kernel image. In order to do that you'd need to write a program in assembler which could be run by the boot-loader before loading the kernel. But I don't see the point in trying to verify the kernel itself -if you have compiled it yourself then you should know if it is alright and it can't really be corrupted once compiled.
 
Old 10-06-2007, 06:01 PM   #5
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,539

Rep: Reputation: 149Reputation: 149
I wouldn't go for writing a separate application. Instead, I'd add the code to the bootloader, just before it gets the kernel image (then you have all the low level stuff you need).
 
Old 10-07-2007, 01:18 PM   #6
nikhil86
LQ Newbie
 
Registered: Apr 2007
Posts: 17

Original Poster
Rep: Reputation: 0
Thank you all!
The thing is this integrity checking is to make a prototype for a company, for whom i'm assigned a project as a Computer Engineering student.
I fancy the bootloader idea, i guess that wil be a little less messy....
But, suppose i make the changes for GRUB, they won't work for LILO i suppose; or for that matter any other boot-loader....
That i think is inevitable....

Can you recommend any books/online tutorials that can provide a way to modify the bootloader, so that i can boot my program?

If any of you'll have worked on similar source code (assembly, i suppose), you could mail it to me at nikhil.pirate@gmail.com

Thanks again.
Nikhil.
 
Old 10-08-2007, 06:29 AM   #7
gnashley
Amigo developer
 
Registered: Dec 2003
Location: Germany
Distribution: Slackware
Posts: 4,775

Rep: Reputation: 481Reputation: 481Reputation: 481Reputation: 481Reputation: 481
You'll need to study the code for some bootloaders and incorporate your code there. I'd suggest studying grub(0.97) or Smart Boot Manager (tiny one with some unique features).
Are you sure that they want the kernel checked before loading?
 
Old 10-08-2007, 07:26 AM   #8
pixellany
LQ Veteran
 
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Arch/XFCE
Posts: 17,802

Rep: Reputation: 729Reputation: 729Reputation: 729Reputation: 729Reputation: 729Reputation: 729Reputation: 729
There are a variety of web sites (Google for "mbr") providing detailed analysis of how the Windows boot code works. With this--plus the source code for GRUB--you should be able to see what is going on.

I have the impression that the combination of you + your management are about to go on a side road---ie a closer examination of the end objective might reveal a better approach.
 
Old 10-08-2007, 12:11 PM   #9
gnashley
Amigo developer
 
Registered: Dec 2003
Location: Germany
Distribution: Slackware
Posts: 4,775

Rep: Reputation: 481Reputation: 481Reputation: 481Reputation: 481Reputation: 481
I agree with pixellany -that's why I asked if you are sure that they really want to do some verification of the kernel itself. I suspect that they are really want to verify files which are located on the root file system before mounting it -which can be done with an initrd which contains your program and any libs it needs.
 
Old 10-09-2007, 01:38 PM   #10
nikhil86
LQ Newbie
 
Registered: Apr 2007
Posts: 17

Original Poster
Rep: Reputation: 0
Hello!
WEll, when we (me + 2 frnds) spoke to the company person, he said he'd want a software that checked the entire system for integrity. He specified the kernel, and the "critical OS files".
I've yet to find out what these "critical OS files" are, but i'll find out sooner or later...

The general idea is this:
If you have a computer system, what's the guarantee that someone (a hacker/cracker) hasn't modified the system to say install a trojan? The possibility is a little less with the vmlinuz file i think, but its still possible....That is why, the goal is to verify most of the OS files, and the Application packages.

What I've done so far is code a C file that takes a filename as an argument. It checks this file for integrity using a dbm databse and SHA1 hash keys.

Somehow, i want this code (or similar code) to run at boot-up and check atleast some of the OS files, including the vmlinuz file.

Will check the links you have given.

Thanks again
Nikhil.
 
Old 10-09-2007, 03:06 PM   #11
gnashley
Amigo developer
 
Registered: Dec 2003
Location: Germany
Distribution: Slackware
Posts: 4,775

Rep: Reputation: 481Reputation: 481Reputation: 481Reputation: 481Reputation: 481
I suppose that you could check the kernel against an md5 or checksum, but as stated, you'd have to write machine/assembler code that runs before the kernel boots. That means code that could be run by the bootloader. Maybe you should look at the code for memdisk, which is part of syslinux.
I still suspect that the person you talked doesn't really know what a kernel is or how it fits into things. At any rate, you can boot with a kernel which is not even on the same machine. If he's worried about the integrity of the kernel he can have it on a floppy, CD, or USB device completely separate from the machine. Or he could use a pxe/netboot ROM to load the kernel over a network.
 
Old 10-09-2007, 03:31 PM   #12
Alien_Hominid
Senior Member
 
Registered: Oct 2005
Location: Lithuania
Distribution: Hybrid
Posts: 2,247

Rep: Reputation: 53
Wait. Just boot some live cd like okmyx said, mount the partition and check the files without doing any asm stuff. What's wrong with that?
 
Old 10-09-2007, 05:30 PM   #13
rsashok
Member
 
Registered: Nov 2006
Location: USA, CA
Distribution: RedHat, Debian
Posts: 202

Rep: Reputation: 31
To be sure that your kernel is not tempered put it in read-only partition, or keep it in write protected flash, or ... etc. There are better ways to archive your goal then writing bootloader extensions.

Make sure that the person making the requirements really understands what they are, and explain available alternatives.

I'd would booted kernel and initrd from read-only partition, and run script verifying your file system. Idea is about the same as booting from live CD. The bottom line try to avoid any fancy stuff.
 
Old 10-10-2007, 02:32 AM   #14
Alien_Hominid
Senior Member
 
Registered: Oct 2005
Location: Lithuania
Distribution: Hybrid
Posts: 2,247

Rep: Reputation: 53
There is naked lady or smth similar called linux distro which is the most minimal one. You can try this.
 
Old 10-10-2007, 01:42 PM   #15
nikhil86
LQ Newbie
 
Registered: Apr 2007
Posts: 17

Original Poster
Rep: Reputation: 0
Hi!
From what you've all replied, i get one thing:
Making a bootloader extension is perhaps not the best way to go about this problem.
However, I'd like to raise an issue:

Suppose you already have this Linux OS installed on a NON-read-only partition, with some application packages installed. You are the system admin. You don't like booting from any place other than your HDD, (e.g. everytime booting from a CD is not exactly convenient).

The idea as given to me was to check the integrity of the kernel and the critical OS files EVERYTIME the system boots up. And if this happens automatically (without inserting a CD), then its preferable. Won't booting with a CD be a hassle to manage security?

Given this, I know that building a bootloader extension might be too difficult especially for us. Neither of us is that experienced to write any bootloader code yet.
If its really not worth the trouble, maybe its better to have a CD to do the checking, instead of having an inbuilt system. But do you think this will be a viable/realistic solution?

One more point: what exactly is initrd?

Thanks again.
Nikhil.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
redhat enterprise linux 4 boots slow with 2 GB RAM , boots fast with 512MB robinsingh Linux - Hardware 14 08-27-2008 12:34 AM
FC4+ubuntu load,won't boot ;or boots w/ KERNAL PANIC! Miah Linux - Newbie 9 05-09-2006 06:07 PM
where is kernel? still boots to 2.4.31 after make 2.6.16.1 ctos Slackware 8 04-05-2006 07:31 AM
How to make a bin file executable and install the prgram shariqali Linux - Software 6 03-29-2006 02:11 PM
how can i make duel boots kennycc Linux - Software 14 03-16-2005 02:12 AM


All times are GMT -5. The time now is 08:56 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration