nx_bit.mdwn

[[!toc levels=2]]

Rationale and context
=====================

The [[!wikipedia NX_bit]] helps enabling executable space protection.
Most 64bits, and some 32bits, x86 CPUs support this.

On Linux, PAE must be enabled to get the NX bit enabled. We cannot
blindly enable PAE, as it "causes pre-Pentium Pro (including Pentium
MMX) and Celeron M and Pentium M processors without NX support to fail
to boot"
([Wikipedia](https://secure.wikimedia.org/wikipedia/en/wiki/NX_bit#Linux)).

So we cannot default to use PAE, and should at least provide the
non-bigmem one as an alternative choice in the bootloader or wait for
non-PAE systems to be rare enough so that we can stop supporting them.

As of 2.6.39, Debian -686 kernels have PAE enabled (reference: [Ben's
blog](http://womble.decadent.org.uk/blog/upcoming-changes-in-debian-linux-packages-for-i386.html)),
that's why we now ship a -486 kernel.

If we don't want to ship -486 until non-PAE systems die, and forget
about NX bit until then, we have to ship both -686-pae and -486, *and*
have the bootloader autodetect the most appropriate one depending on
what the kernel supports.

Implementation
==============

### Done

The `feature/multikernel` branch:

- installs three kernels (`-486`, `-686-pae`, `-amd64`) => makes the
  ISO 66MB bigger (current devel branch that avoids shipping every
  kernel twice)
- offers two menu entries (*Start Tails* and *Start Tails (failsafe)*)
  that autoselect best kernel wrt. hardware support; other menu
  entries auto-generated by live-build are hidden, but behind the
  curtain the autodetection code jumps to the one it thinks is best

### Next steps

- stuff added to the command-line in the syslinux menu is ignored;
  seems like the ifcpu64 module does not pass parameters to the other
  (hidden, auto-detected) menu entry it runs; inserting `--` between
  `append live-amd64 -- live-686-pae -- live` and the additional
  parameters was tried, and failed too; so,
  * on the short run, we can forget the ifcpu64 part, and ship
    a multikernel image with a "one line per kernel" (486, 686-pae,
    amd64) menu - will be better than nothing; [[!tag todo/code]]
  * on the long run, we probably have to e.g.
    add another level of redirection, and -if possible- have ifcpu64
    "boot" a submenu that displays the autodetected kernel, and provides
    ways to edit it. [[!tag todo/code]]
- check that our build system does not do stuff say, for *the one and
  only* kernel
- [[!taglink todo/wait]] for a graphical [[todo/boot_menu]] to take
  over the language choosing functionality.

Resources
=========

The `ifcpu64.c32`
[module](http://syslinux.zytor.com/wiki/index.php/Ifcpu64.c32) seems
to provide what we need, allowing to do different things for 64-bit
hardware, 32-bit hardware with PAE support and 32-bit hardware without
PAE, like this:

	label boot_kernel
		com32 ifcpu64.c32
		append boot_kernel_64 -- boot_kernel_32pae -- boot_kernel_32
	label boot_kernel_32
		kernel vmlinuz_32
		append ...
	label boot_kernel_32pae
		kernel vmlinuz_32pae
		append ...
	label boot_kernel_64
		kernel vmlinuz_64
		append ...

Unfortunately, it does not *select* a default kernel, but boots it
right away; we want to allow the user to customize the kernel command
line, so we have to add a (selected by default) menu entry that reads
something like *Autodetect and boot*.

## Discarded

### HDT

The HDT (hardware detection tool) syslinux module
([homepage](http://www.hdt-project.org/), [page on syslinux
wiki](http://syslinux.zytor.com/wiki/index.php/Hdt_(Hardware_Detection_Tool)))
has code that might help supporting this; it's been shipped in
mainline syslinux for a while. On the other hand does *not* offer any
kind of feature that can be used to parameterized the boot menu.

### default64 menu keyword

Debian multi-arch installer's syslinux menu autodetects
amd64-compatible hardware and pre-selects the right default kernel.
Seems like it uses the `default64` menu keyword (see debian-installer
Git repository). Unfortunately, this solution is not suitable for us
because it does not allow to select a kernel depending on PAE support,
and is [not part of recent syslinux
package](http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505496#16).

### ifcpu.c32

Other COM32 modules shipped with syslinux might be better suited for
our specific needs. See especially `ifcpu.c32`; according to its
source code, it can "run one command if system match some CPU
features, another if it doesn't" and is supposed to be used
e.g. like this:

	label ifcpu
	    com32 ifcpu.c32
	    append pae -- boot_entry_1 -- boot_entry_2

	label boot_entry_1
	    kernel vmlinuz_entry1
	    append ...

	label boot_entry_2
	    kernel vmlinuz_entry2
	    append ...

... which would almost suit our needs but only allows two
alternatives, while we need three.