steve@mctavish.demon.co.uk said:
> How feasible would it be to add some form of verification check to the
> kernel's bootloader?

During development of the i386 boot loaders I've used some
checksum code (the libc sum stuff) to verify that the
image was loaded properly to memory. That's simple.
I've thought about separating the load and execute parts
in the bootloader. If one adds a checksum feature then,
he can just load the image and check it.

An automatic check is not the right thing imho. We'd have
to wire the checksum into the bootloader every time the
kernel is changed (or perhaps put it into a separate file) -
a simple "cp netbsd /; reboot" wouldn't work anymore.
It would be as bad as LILO.

Since we have md5 in libkern, it could be used as well.
It is quite big, on i386 we get trouble if it is used
together with libz and other space consuming code.
(There is a 64k limit for text+data+bss+stack because
we need to support real mode BIOS calls.)

best regards
Matthias