kexec to -amd64 kernel on hardware that supports it.

That way, sdmem may wipe all memory. Testing will confirm or infirm that hypothesis.

kexec to -amd64 kernel on hardware that supports it.
That way, sdmem may wipe all memory. Testing will confirm or infirm that hypothesis.
cca135f9 · Tails developers · a49e53a8 · cca135f9 · cca135f9 · cca135f9
Commit cca135f9 authored Dec 28, 2011 by Tails developers
3 changed files
--- a/config/chroot_local-includes/etc/init.d/tails-reconfigure-kexec
+++ b/config/chroot_local-includes/etc/init.d/tails-reconfigure-kexec
@@ -9,12 +9,15 @@
 # Description:          Reconfigure kexec depending on running kernel
 ### END INIT INFO

+PATH="/usr/local/bin:${PATH}"
 KEXEC_CONF=/etc/default/kexec

 case "$1" in
  start)
-	echo "KERNEL_IMAGE=\"$(/usr/local/bin/tails-get-bootinfo kernel)\"" >> "$KEXEC_CONF"
-	echo "INITRD=\"$(/usr/local/bin/tails-get-bootinfo initrd)\"" >> "$KEXEC_CONF"
+	KERNEL_IMAGE=$(tails-boot-to-kexec kernel $(tails-get-bootinfo kernel))
+	INITRD=$(tails-boot-to-kexec initrd $(tails-get-bootinfo initrd))
+	echo "KERNEL_IMAGE=\"${KERNEL_IMAGE}\""   >> "$KEXEC_CONF"
+	echo "INITRD=\"${INITRD}\""               >> "$KEXEC_CONF"
 	if grep -qw debug=wipemem /proc/cmdline; then
 	   echo 'APPEND="${APPEND} sdmemdebug=1"' >> "$KEXEC_CONF"
 	fi

--- a/config/chroot_local-includes/etc/init.d/tails-reconfigure-memlockd
+++ b/config/chroot_local-includes/etc/init.d/tails-reconfigure-memlockd
@@ -9,12 +9,15 @@
 # Description:          Reconfigure memlockd depending on running kernel
 ### END INIT INFO

+PATH="/usr/local/bin:${PATH}"
 MEMLOCKD_CONF=/etc/memlockd.cfg

 case "$1" in
  start)
-	/usr/local/bin/tails-get-bootinfo kernel >> "$MEMLOCKD_CONF"
-	/usr/local/bin/tails-get-bootinfo initrd >> "$MEMLOCKD_CONF"
+	tails-boot-to-kexec kernel $(tails-get-bootinfo kernel) \
+		>> "$MEMLOCKD_CONF"
+	tails-boot-to-kexec initrd $(tails-get-bootinfo initrd) \
+		>> "$MEMLOCKD_CONF"
 	service memlockd restart
 	;;
  *)

--- a/config/chroot_local-includes/usr/local/bin/tails-boot-to-kexec
+++ b/config/chroot_local-includes/usr/local/bin/tails-boot-to-kexec
+#!/bin/sh
+
+running_on_amd64_hardware() {
+   egrep '^flags[[:space:]]+:' /proc/cpuinfo | uniq | grep -qw lm
+}
+
+case "$1" in
+   kernel)
+      boot_kernel="$2"
+      if running_on_amd64_hardware ; then
+	 echo "$boot_kernel" | sed -e 's,/vmlinuz$,/vmlinuz3,'
+      else
+	 echo "$boot_kernel"
+      fi
+      ;;
+   initrd)
+      boot_initrd="$2"
+      if running_on_amd64_hardware ; then
+	 echo "$boot_initrd" | sed -e 's,/initrd\.img$,/initrd3.img,'
+      else
+	 echo "$boot_initrd"
+      fi
+      ;;
+   *)
+      usage "$0 kernel|initrd"
+      exit 3
+esac
+
+exit 0