Tuesday, October 05, 2021

Re: Kernel dump and secure boot with KARL

On 2021-10-05, Arka Sharma <arka.sw1988@gmail.com> wrote:
> Hi All,
>
> I am very much new to OpenBSD. I have come across KARL, and I wonder since
> a new kernel image is created on every boot, how does it impact secure
> boot. How is the new binary signed? Is the kernel image signed on every
> boot?

The kernel is not internally signed anywhere. Signing is done via the
SHA256.sig file on the mirrors and is checked when doing an online
install or when sysupgrade is used to update the machine.

> Also suppose we have a crash and dump is generated, how does KARL impact
> gdb when the core file is opened?

You'll need to save kernels yourself if you want to use them directly with
gdb. Usually it's easier, faster, and more reliable to use ddb (if you boot
a kernel compiled with debug symbols you'll get line numbers in ddb).

--
Please keep replies on the mailing list.
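
One way to follow the advice above about saving kernels yourself, as an added example that is not part of the original thread: a shell helper that keeps a copy of each relinked kernel under its SHA-256 digest, so the exact binary can be looked up later. The function names, the archive directory and the `bsd.<digest>` naming are assumptions made for this example.

```shell
#!/bin/sh
# Added example: archive a relinked kernel under its SHA-256 digest.
# Function names and the bsd.<digest> layout are assumptions, not from the thread.

# Print the SHA-256 hex digest of a file, using whichever tool is present.
file_sha256() {
    if command -v sha256 >/dev/null 2>&1; then
        sha256 -q "$1"                      # OpenBSD base utility
    else
        sha256sum "$1" | cut -d ' ' -f 1    # GNU coreutils fallback
    fi
}

# archive_kernel KERNEL ARCHIVE_DIR
# Copies KERNEL to ARCHIVE_DIR/bsd.<digest> unless that copy already exists,
# then prints the archived path.
archive_kernel() {
    kernel=$1
    archive=$2
    [ -r "$kernel" ] || { echo "cannot read $kernel" >&2; return 1; }
    digest=$(file_sha256 "$kernel") || return 1
    [ -n "$digest" ] || return 1
    dest="$archive/bsd.$digest"
    # A saved image exposes that boot's randomized layout: keep it private.
    mkdir -p "$archive" && chmod 700 "$archive" || return 1
    if [ ! -f "$dest" ]; then
        # Copy under a temporary name so an interrupted copy never leaves
        # a truncated file behind a digest name.
        cp -p "$kernel" "$dest.tmp" && mv "$dest.tmp" "$dest" || return 1
        chmod 400 "$dest"
    fi
    echo "$dest"
}

# find_kernel DIGEST ARCHIVE_DIR
# Prints the archived kernel for DIGEST, re-hashing it to detect corruption.
find_kernel() {
    candidate="$2/bsd.$1"
    [ -f "$candidate" ] || return 1
    [ "$(file_sha256 "$candidate")" = "$1" ] || return 1
    echo "$candidate"
}

# Example invocation (paths are assumptions): sh save-kernel.sh /bsd /var/crash/kernels
if [ $# -eq 2 ]; then archive_kernel "$1" "$2"; fi
```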
