On Wed, Oct 26, 2016 at 03:18:44AM +0200, Arthur Heymans wrote:
I have been working on building a Petitboot, a kexec bootloader, [0] based Linux payload using the Buildroot build system to produce a nice bzImage that contains both linux and the initrd. It is inspired by the Raptor Enginering HOWTO [0] and is based on op-build [1], the tool for building OpenPOWER firmware, which also uses Buildroot and Petitboot.
Very interesting -- it is similar to my Heads bootloader / configuration project, which is focused on how to use all of the security features of commodity x86 systems (fully encrypted disks, TPM sealing and attestation, SPI BP bits, tamper switches, etc), to make a slightly more secure laptop:
[...] A disadvantage is that a Linux + initrd payload takes up quite a bit of space. A fairly stripped down kernel + initrd takes up ~6.9M in the current Buildroot + Linux configuration I have. So a large flash chip or replacing the flash with a larger one is recommended.
My current coreboot + Linux + initrd is about 3.8 MB, which will fit into the top 4 MB SPI flash on the x230 and can kexec into Qubes. It has no legacy BIOS, which required a few hacks to the Xen kernel to work.
It is still very much a WIP and quite rough around the edges; there is no menuing system right now, nor any sort of GUI. The installation guide is definitely a draft.