On Thu, Sep 19, 2024 at 05:32:00PM +0100, Mate Kukri wrote:
> For NX, we need to set write and executable permissions on the sections
> of grub modules when we load them.
>
> On sections with SHF_ALLOC set, which is typically everything except
> .modname and the symbol and string tables, this patch
On Thu, Sep 19, 2024 at 05:31:59PM +0100, Mate Kukri wrote:
> For NX, we need to set the page access permission attributes for write
> and execute permissions.
>
> This patch adds two new primitives, grub_set_mem_attrs() and
> grub_clear_mem_attrs(), and associated constant definitions, to be used
On Thu, Sep 19, 2024 at 05:31:58PM +0100, Mate Kukri wrote:
> Currently we load module sections at whatever alignment gcc+ld happened
> to dump into the ELF section header, which is often less then the page
> size. Since NX protections are page based, this alignment must be
> rounded up to page siz
On Sun, Sep 08, 2024 at 06:43:11PM +0300, Vladimir Serbinenko wrote:
> We currently use an old version of libcrypt which
> results in us having fewer ciphers and missing on many
> other improvements.
>
> Signed-off-by: Vladimir Serbinenko
Sadly it still has some problems...
./configure --targe
On Fri, Aug 23, 2024 at 08:20:53PM +0200, Valentin Gehrke wrote:
> Multiboot modules that could not be read successfully (e.g. via network)
> should not be added to the list of modules to forward to the operating
> system that is to be booted subsequently.
>
> This patch is necessary because even i
On Tue, Sep 10, 2024 at 11:54:20AM +0200, Heinrich Schuchardt wrote:
> On 13.08.24 15:52, Daniel Kiper wrote:
> > On Mon, Aug 12, 2024 at 04:13:18PM +0200, Heinrich Schuchardt wrote:
> > > The cycle register is not guaranteed to count at constant frequency.
> > > If it
On Tue, Sep 03, 2024 at 04:15:46PM +0100, Frediano Ziglio via Grub-devel wrote:
> Signed-off-by: Frediano Ziglio
For both patches Reviewed-by: Daniel Kiper ...
Next time please add a cover letter to a bundle of patches.
Thank you for fixing these issues!
Dan
On Tue, Sep 03, 2024 at 09:00:27AM +0100, Frediano Ziglio via Grub-devel wrote:
> The function called is grub_utf8_to_utf16.
>
> Signed-off-by: Frediano Ziglio
For all patches except "loader/efi: Reuse len variable"
Reviewed-by: Danie
On Tue, Sep 03, 2024 at 09:01:08PM +0300, Vladimir 'phcoder' Serbinenko wrote:
> v2: Changed how I fix module search: instead of matching alignment,
> compute the module position explicitly
For all patches Reviewed-by: Daniel Kiper ...
Daniel
On Tue, Sep 03, 2024 at 08:29:30PM +0300, Vladimir Serbinenko wrote:
> We currently use an old version of libcrypt which
> results in us having fewer ciphers and missing on many
> other improvements.
>
> Signed-off-by: Vladimir Serbinenko
Now at least it builds but...
Could you update libgcrypt
On Mon, Sep 02, 2024 at 03:26:35AM +0300, Vladimir 'phcoder' Serbinenko wrote:
> This series of patches fixes compilation and running on Yeeloong 2F
> with new GCC.
> Clang is not supported as it fails to compile for mips3 architecture
For all patches Reviewed-by: Danie
ry because even if a grub.cfg checks whether or not
> a module was successfully downloaded, an attempt to retry a failed
> download is futile because the corrupted module will be forwarded either
> way.
>
> Signed-off-by: Valentin Gehrke
Revi
On Sat, Aug 17, 2024 at 08:30:23PM +0300, Vladimir Serbinenko wrote:
> Signed-off-by: Vladimir Serbinenko
> ---
> tests/date_unit_test.c | 35 ++-
> 1 file changed, 26 insertions(+), 9 deletions(-)
>
> diff --git a/tests/date_unit_test.c b/tests/date_unit_test.c
>
On Sat, Aug 17, 2024 at 08:30:22PM +0300, Vladimir Serbinenko wrote:
> Signed-off-by: Vladimir Serbinenko
> ---
> grub-core/lib/datetime.c | 31 ---
> include/grub/datetime.h | 15 +++
> 2 files changed, 31 insertions(+), 15 deletions(-)
>
> diff --git a/g
On Thu, Aug 15, 2024 at 10:52:56AM +0100, Mate Kukri wrote:
> Users have no reason to see this, and it can break graphical boot.
>
> Signed-off-by: Mate Kukri
Reviewed-by: Daniel Kiper
Daniel
___
Grub-devel mailing list
Grub-devel@gnu.
ang
> Cc: Stefan Berger
> Cc: Glenn Washburn
> Signed-off-by: Gary Lin
Reviewed-by: Daniel Kiper
Daniel
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
On Fri, Jun 28, 2024 at 04:19:07PM +0800, Gary Lin via Grub-devel wrote:
> As a preparation to test tpm2_key_protector with grub-emu, the new
> option, --tpm-device, is introduced to specify the TPM device for
> grub-emu so that grub-emu can share the emulated TPM device with
> the host.
>
> Since
On Fri, Jun 28, 2024 at 04:19:06PM +0800, Gary Lin via Grub-devel wrote:
> When using disk auto-unlocking with TPM 2.0, the typical grub.cfg may
> look like this:
>
> tpm2_key_protector_init --tpm2key=(hd0,gpt1)/boot/grub2/sealed.tpm
> cryptomount -u -P tpm2
> search --fs-uuid --set=root
>
eanly so
> the attacker could dump the memory to retrieve the secret key. To defend
> such attack, wipe out the cached key when we don't need it.
>
> Cc: Fabian Vogt
> Signed-off-by: Gary Lin
> Reviewed-by: Stefan Berger
Reviewed-by: Daniel Kiper
Daniel
___
On Fri, Jun 28, 2024 at 04:19:04PM +0800, Gary Lin via Grub-devel wrote:
> From: Patrick Colp
>
> If a protector is specified, but it fails to unlock the disk, fall back
> to asking for the passphrase. However, an error was set indicating that
> the protector(s) failed. Later code (e.g., LUKS code
On Fri, Jun 28, 2024 at 04:19:03PM +0800, Gary Lin via Grub-devel wrote:
> From: Patrick Colp
>
> Currently with the TPM2 protector, only SRK mode is supported and
> NV index support is just a stub. Implement the NV index option.
>
> Note: This only extends support on the unseal path. grub2_protec
On Fri, Jun 28, 2024 at 04:19:02PM +0800, Gary Lin via Grub-devel wrote:
> This commit handles the TPM2_PolicyAuthorize command from the key file
> in TPM 2.0 Key File format.
>
> TPM2_PolicyAuthorize is the essential command to support authorized
> policy which allows the users to sign TPM policie
On Fri, Jun 28, 2024 at 04:19:01PM +0800, Gary Lin via Grub-devel wrote:
> From: Hernan Gatta
>
> To utilize the key protectors framework, there must be a way to protect
> full-disk encryption keys in the first place. The grub-protect tool
> includes support for the TPM2 key protector but other pr
On Fri, Jun 28, 2024 at 04:19:00PM +0800, Gary Lin via Grub-devel wrote:
> From: Hernan Gatta
>
> Add a new parameter to cryptomount to support the key protectors framework:
> -P.
> The parameter is used to automatically retrieve a key from specified key
> protectors. The parameter may be repeate
On Fri, Jun 28, 2024 at 04:18:43PM +0800, Gary Lin via Grub-devel wrote:
> GIT repo for v18: https://github.com/lcp/grub2/tree/tpm2-unlock-v18
>
> This patch series is based on "Automatic TPM Disk Unlock"(*1) posted by
> Hernan Gatta to introduce the key protector framework and TPM2 stack
> to GRUB
On Fri, Jun 28, 2024 at 04:18:59PM +0800, Gary Lin via Grub-devel wrote:
> From: Hernan Gatta
>
> The TPM2 key protector is a module that enables the automatic retrieval
> of a fully-encrypted disk's unlocking key from a TPM 2.0.
>
> The theory of operation is such that the module accepts various
On Fri, Jun 28, 2024 at 04:18:58PM +0800, Gary Lin via Grub-devel wrote:
> A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to
> compose and submit TPM commands and parse reponses.
>
> A limited number of TPM commands may be accessed via the EFI TCG2
> protocol. This protocol exp
On Fri, Jun 28, 2024 at 04:18:57PM +0800, Gary Lin via Grub-devel wrote:
> This commit adds the necessary TPM2 types and structs as the preparation
> for the TPM2 Software Stack (TSS2) support. The Marshal/Unmarshal
> functions are also added to handle the data structure to be submitted to
> TPM2 c
On Fri, Jun 28, 2024 at 04:18:56PM +0800, Gary Lin via Grub-devel wrote:
> As the prepartion to support TPM2 Software Stack (TSS2), this commit
> implements the TPM2 buffer handling functions to pack data for the TPM2
> commands and unpack the data from the response.
>
> Cc: Stefan Berger
> Signed
On Thu, Aug 15, 2024 at 10:51:31AM +0100, Mate Kukri wrote:
> For NX, we need to set write and executable permissions on the sections
> of grub modules when we load them.
>
> On sections with SHF_ALLOC set, which is typically everything except
> .modname and the symbol and string tables, this patch
On Thu, Aug 15, 2024 at 10:51:29AM +0100, Mate Kukri wrote:
> Currently we load module sections at whatever alignment gcc+ld happened
> to dump into the ELF section header, which is often less then the page
> size. Since NX protections are page based, this alignment must be
> rounded up to page siz
On Fri, Jun 28, 2024 at 04:18:54PM +0800, Gary Lin via Grub-devel wrote:
> Document libtasn1 in docs/grub-dev.texi and add the upgrade steps.
> Also add the patches to make libtasn1 compatible with grub code.
>
> Signed-off-by: Gary Lin
> Reviewed-by: Vladimir Serbinenko
Revi
On Fri, Jun 28, 2024 at 04:18:53PM +0800, Gary Lin via Grub-devel wrote:
> From: Daniel Axtens
>
> Import tests from libtasn1 that don't use functionality we don't
> import. This test module is integrated into functional_test so that the
Would not be it easier if you say: Import tests from libtas
On Fri, Aug 16, 2024 at 01:34:18PM +0800, Gary Lin wrote:
> On Wed, Aug 14, 2024 at 05:34:52PM +0200, Daniel Kiper wrote:
> > On Fri, Jun 28, 2024 at 04:18:43PM +0800, Gary Lin via Grub-devel wrote:
> > > GIT repo for v18: https://github.com/lcp/grub2/tree/tpm2-unlock-v18
>
On Thu, Aug 15, 2024 at 02:49:34PM +0800, Gary Lin wrote:
> On Wed, Aug 14, 2024 at 05:52:14PM +0200, Daniel Kiper wrote:
> > On Fri, Jun 28, 2024 at 04:18:51PM +0800, Gary Lin via Grub-devel wrote:
> > > Do a few things to make asn1 tests compile as part of grub:
> > >
On Thu, Aug 15, 2024 at 02:24:18PM +0800, Gary Lin wrote:
> On Wed, Aug 14, 2024 at 05:41:35PM +0200, Daniel Kiper wrote:
> > On Fri, Jun 28, 2024 at 04:18:48PM +0800, Gary Lin via Grub-devel wrote:
> > > Use the grub headers instead of the standard POSIX headers.
On Thu, Aug 15, 2024 at 02:18:17PM +0800, Gary Lin wrote:
> On Wed, Aug 14, 2024 at 05:40:08PM +0200, Daniel Kiper wrote:
> > On Fri, Jun 28, 2024 at 04:18:47PM +0800, Gary Lin via Grub-devel wrote:
> > > Remove _asn1_strcat() and replace strcat() with the bound-checked
&
On Fri, Jun 28, 2024 at 04:18:51PM +0800, Gary Lin via Grub-devel wrote:
> Do a few things to make asn1 tests compile as part of grub:
>
> - include asn1_test.h only
>
> - rename the main functions to the test names
>
> - remove 'verbose' and the unnecessary printf()
>
> - print the error messages
y: Daniel Axtens
> Signed-off-by: Gary Lin
If you fix the issues mentioned above (and same below) you can add
Reviewed-by: Daniel Kiper ...
Daniel
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
On Fri, Jun 28, 2024 at 04:18:48PM +0800, Gary Lin via Grub-devel wrote:
> Use the grub headers instead of the standard POSIX headers.
Again, why?
Daniel
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
On Fri, Jun 28, 2024 at 04:18:47PM +0800, Gary Lin via Grub-devel wrote:
> Remove _asn1_strcat() and replace strcat() with the bound-checked
> _asn1_str_cat() except the one inside _asn1_str_cat(). That strcat
s/strcat/strcat()/
> is replaced with strcpy.
s/strcpy/strcpy()/
This commit message
On Fri, Jun 28, 2024 at 04:18:43PM +0800, Gary Lin via Grub-devel wrote:
> GIT repo for v18: https://github.com/lcp/grub2/tree/tpm2-unlock-v18
>
> This patch series is based on "Automatic TPM Disk Unlock"(*1) posted by
> Hernan Gatta to introduce the key protector framework and TPM2 stack
> to GRUB
mentation
> for the file command was added.
>
> Signed-off-by: Andrew Hamilton
Reviewed-by: Daniel Kiper
Thank you for documenting all these modules and commands!
It is really useful!
Daniel
___
Grub-devel mailing list
Grub-devel@gnu.org
htt
On Thu, Aug 08, 2024 at 05:37:47PM +0200, Tobias Heider wrote:
> From: Tobias Heider
>
> With this change it is possible to access properties in subnodes
> using the -n argument as in 'fdtdump -n chosen -p stdout-path'.
> It is also possible to access deeper nested properties by passing
> a path s
On Thu, Aug 08, 2024 at 05:37:46PM +0200, Tobias Heider wrote:
> Device tree properties are not explicitly typed but values can take
> multiple forms from strings to arrays and byte-strings.
> grub_fdt_prop_to_string() adds a heuristic to determine the type and
> convert it to a string for printing
On Tue, Aug 13, 2024 at 06:14:40PM +0200, Thomas Schmitt wrote:
> Hi,
>
> thinking more i believe that the currently used mkdir option -p is
> inappropriate in tests/grub_cmd_cryptomount.in .
>
> It hampers proper cleanup because the script cannot know how many
> directories in the path to TMPDIR
> > > output=`"$@" 2>&1` || res=$?
> > > +
> > > +rmdir "$TMPDIR"
>
> Daniel Kiper wrote:
> > s/rmdir/rm -rf/?
>
> This is equivalent to the question whether remaining content shall be
> removed silently. In my cas
gt;
> Additionally, to avoid disrupting the boot process, this patch relaxes
> the severity of the errors in this context to non-critical. Errors will
> be logged, but they will not prevent the boot process from continuing.
>
> Fixes: e0fa7dc84 (bli: Add a module for the Boot Loader Int
On Fri, Aug 02, 2024 at 11:52:02AM +0100, Mate Kukri wrote:
> Users have no reason to see this without explictily asking for it, and
Users do not have any option to ask for it. Why do not use grub_dprintf("efi",
...)
instead of grub_printf()?
Daniel
> it can break graphical boot.
>
> Signed-off
On Mon, Jul 29, 2024 at 09:07:48PM -0700, Arjun wrote:
> Fixes support for 64-bit badram entries. Previously, whenever the start
> address
> of an mmap region exceeded the maximum address attainable via an addr,mask
> pair,
> GRUB would erroneously attempt to binary-search up to the integer limit
On Wed, Jul 24, 2024 at 06:48:45PM +0200, Thomas Schmitt via Grub-devel wrote:
> If not TMPDIR is set by the user then the test grub_cmd_cryptomount
> creates about 20 directories named *LUKS*_test* in the root directory
> and leaves them there when the test ends.
>
> Initialize in the test script
gned-off-by: Heinrich Schuchardt
Reviewed-by: Daniel Kiper
Daniel
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
On Sun, Jun 09, 2024 at 03:35:06PM -0400, Patrick Plenefisch wrote:
> lv matching must be done after processing the ignored feature
> indirections, as integrity volumes & caches may have several levels
> of indirection that the segments must be shifted through.
>
> pv matching must be completely fi
On Sun, Jun 09, 2024 at 03:34:58PM -0400, Patrick Plenefisch wrote:
> This patch isn't necessary by itself, but when combined with the next
> patch it enhances readability as ignored_features_lv is then used for
> multiple types of extra LV's, not just cache LV's
>
> Signed-off-by: Patrick Plenefis
On Wed, Jun 12, 2024 at 04:57:03PM +0100, Mate Kukri wrote:
> Currently the patchset consists of:
> - Reworked Fedora NX patches to make GRUB itself work under NX.
> - Julian Andres Klode's loader framework patch (used in Debian and Ubuntu for
> the downstream loader).
> - Implemented shim loader p
inition for the PE DLL Characteristics flag GRUB_PE32_NX_COMPAT
> - changes grub-mkimage to set that flag.
>
> Original-Author: Peter Jones
> Signed-off-by: Mate Kukri
If you fix nits mentioned above then you can add
Reviewed-by: Daniel Kiper ...
Daniel
___
On Wed, Jun 12, 2024 at 04:57:09PM +0100, Mate Kukri wrote:
> For NX, we need to set write and executable permissions on the sections
> of grub modules when we load them.
>
> On sections with SHF_ALLOC set, which is typically everything except
> .modname and the symbol and string tables, this patch
On Tue, Jun 25, 2024 at 02:42:31PM +0800, Gary Lin wrote:
> On Mon, Jun 24, 2024 at 07:28:14PM +0200, Daniel Kiper wrote:
> > On Thu, Mar 07, 2024 at 04:59:05PM +0800, Gary Lin via Grub-devel wrote:
> > > On Thu, Feb 08, 2024 at 08:58:43PM +0100, Daniel Kiper wrote:
> > &g
On Thu, Mar 07, 2024 at 04:59:05PM +0800, Gary Lin via Grub-devel wrote:
> On Thu, Feb 08, 2024 at 08:58:43PM +0100, Daniel Kiper wrote:
> > Hey,
> >
> --8<--
> >
> > And I have attached the Coverity report. All issues reported there have
> > to be fixed.
On Wed, Jun 12, 2024 at 04:57:08PM +0100, Mate Kukri wrote:
> For NX, we need to set the page access permission attributes for write
> and execute permissions.
>
> This patch adds two new primitives, grub_set_mem_attrs() and
> grub_clear_mem_attrs(), and associated constant definitions, to be used
On Wed, Jun 12, 2024 at 04:57:07PM +0100, Mate Kukri wrote:
> Currently we load module sections at whatever alignment gcc+ld happened
> to dump into the ELF section header, which is often less then the page
> size. Since NX protections are page based, this alignment must be
> rounded up to page siz
on, and
> makes the allocation computation loop skip empty sections as the loading
> loop does.
>
> Signed-off-by: Peter Jones
> Signed-off-by: Jan Setje-Eilers
> Signed-off-by: Mate Kukri
> Reviewed-By: Vladimir Serbinenko
Reviewed-by: Daniel Kiper
Daniel
_
igned-off-by: Peter Jones
> Signed-off-by: Jan Setje-Eilers
> Signed-off-by: Mate Kukri
> Reviewed-By: Vladimir Serbinenko
Reviewed-by: Daniel Kiper
Daniel
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
e correct.
>
> This patch sets that data as "const", which causes that flag not to be
> set.
>
> Signed-off-by: Peter Jones
> Signed-off-by: Jan Setje-Eilers
> Signed-off-by: Mate Kukri
> Reviewed-By: Vladimir Serbinenko
Reviewed-by: Daniel Kiper
Daniel
Hi all,
I have great pleasure of informing you that the call for proposals is open for
Systems Boot and Security Microconference [1] which is a part of Linux Plumbers
Conference [2]. The conference will be held in Vienna, Austria between 18th and
20th of September.
If you want to discuss with us
On Thu, Jun 20, 2024 at 03:35:32PM +0800, Gary Lin wrote:
> On Wed, Jun 19, 2024 at 06:34:13PM +0200, Daniel Kiper wrote:
> > On Fri, Jun 14, 2024 at 02:45:44PM +0800, Gary Lin wrote:
> > > From: Hernan Gatta
> > >
> > > The TPM2 key protector is a module
On Thu, Jun 20, 2024 at 02:13:02PM +0800, Gary Lin wrote:
> On Wed, Jun 19, 2024 at 04:04:47PM +0200, Daniel Kiper wrote:
> > On Wed, Jun 19, 2024 at 02:41:13PM +0800, Gary Lin wrote:
> > > On Tue, Jun 18, 2024 at 03:30:03PM +0200, Daniel Kiper wrote:
> > > > On F
On Wed, Jun 12, 2024 at 03:28:41PM +0800, Yifan Zhao wrote:
> mkfs.erofs with version < 1.6 does not support the -L option.
> Let's detect the version of mkfs.erofs and skip the label tests
> if it is not supported.
>
> Signed-off-by: Yifan Zhao
Reviewed-by
On Mon, Jun 17, 2024 at 02:44:09PM +0300, Vladimir Serbinenko wrote:
> Signed-off-by: Vladimir Serbinenko
Reviewed-by: Daniel Kiper
Daniel
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
On Mon, Jun 17, 2024 at 02:44:08PM +0300, Vladimir Serbinenko wrote:
> Signed-off-by: Vladimir Serbinenko
Reviewed-by: Daniel Kiper
Daniel
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
On Mon, Jun 17, 2024 at 03:56:31PM +0300, Vladimir Serbinenko wrote:
> Current code works only if package matches binary name transformation rules.
> It's often true but is no waz guaranteed
>
> Fixes bug #64410
>
> Signed-off-by: Vladimir Serbinenko
Reviewed-by
On Mon, Jun 17, 2024 at 03:56:30PM +0300, Vladimir Serbinenko wrote:
> Fixes bug #64408.
> Signed-off-by: Vladimir Serbinenko
Reviewed-by: Daniel Kiper
Daniel
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinf
On Mon, Jun 17, 2024 at 03:59:56PM +0300, Vladimir Serbinenko wrote:
> First they're use macros so they can't be translated as-is.
> Second there is no point in translating them as they're too technical.
>
> Signed-off-by: Vladimir Serbinenko
Reviewe
loading another device tree depend on the compatible or
> model values of the device tree provided by the firmware.
>
> For now only the root level properties of the dtb are exposed.
>
> Signed-off-by: Tobias Heider
Reviewed-by: Daniel Kiper
Daniel
rementing it inside the loop which
> copies argv to argp_argv. Issue an error message similar to what older
> versions of grub-mkrescue did with a missing argument (e.g 2.02).
>
> Fixes: https://savannah.gnu.org/bugs/index.php?65880
> Signed-off-by: Thomas Schmitt
Reviewe
On Fri, Jun 14, 2024 at 02:45:44PM +0800, Gary Lin wrote:
> From: Hernan Gatta
>
> The TPM2 key protector is a module that enables the automatic retrieval
> of a fully-encrypted disk's unlocking key from a TPM 2.0.
>
> The theory of operation is such that the module accepts various
> arguments, mo
On Wed, Jun 19, 2024 at 02:41:13PM +0800, Gary Lin wrote:
> On Tue, Jun 18, 2024 at 03:30:03PM +0200, Daniel Kiper wrote:
> > On Fri, Jun 14, 2024 at 02:45:43PM +0800, Gary Lin wrote:
> > > From: Hernan Gatta
> > >
> > > A Trusted Platform Module (TPM) So
On Wed, Jun 19, 2024 at 02:43:08PM +0800, Gary Lin wrote:
> On Tue, Jun 18, 2024 at 05:41:13PM +0200, Daniel Kiper wrote:
> > On Fri, Jun 14, 2024 at 02:45:43PM +0800, Gary Lin wrote:
> > > From: Hernan Gatta
> > >
> > > A Trusted Platform Module (TPM) So
On Fri, Jun 14, 2024 at 02:45:43PM +0800, Gary Lin wrote:
> From: Hernan Gatta
>
> A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to
> compose and submit TPM commands and parse reponses.
>
> A limited number of TPM commands may be accessed via the EFI TCG2
> protocol. This pro
On Fri, Jun 14, 2024 at 02:45:43PM +0800, Gary Lin wrote:
> From: Hernan Gatta
>
> A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to
> compose and submit TPM commands and parse reponses.
>
> A limited number of TPM commands may be accessed via the EFI TCG2
> protocol. This pro
> Signed-off-by: Gary Lin
> Reviewed-by: Stefan Berger
Reviewed-by: Daniel Kiper
Daniel
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
On Fri, Jun 14, 2024 at 02:45:41PM +0800, Gary Lin wrote:
> Document libtasn1 in docs/grub-dev.texi and add the upgrade steps.
> Also add the patches to make libtasn1 compatible with grub code.
>
> Signed-off-by: Gary Lin
> Reviewed-by: Vladimir Serbinenko
> ---
> docs/grub-dev.texi | 33 +++
On Fri, Jun 14, 2024 at 02:45:40PM +0800, Gary Lin wrote:
> From: Daniel Axtens
>
> Import tests from libtasn1 that don't use functionality we don't
> import. This test module is integrated into functional_test so that the
> user can run the test in grub shell.
>
> This doesn't test the full decod
nenko
Due to amount of changes to the patch I think this RB should be dropped now.
Though Reviewed-by: Daniel Kiper ...
Two nits below...
> ---
> autogen.sh | 16
> grub-core/Makefile.core.def| 15 +++
> gru
ck to
> avoid producing a too large 'k'.
>
> This is a quick fix and may differ from the official upstream fix.
>
> libtasn1 issue: https://gitlab.com/gnutls/libtasn1/-/issues/49
This patch does not need Daniel Axtens SB of course. Sorry for
not being precise.
> Sig
On Fri, Jun 14, 2024 at 02:45:37PM +0800, Gary Lin wrote:
> Based on the patch from "Daniel Axtens "
>
> Do a few things to make libtasn1 compile as part of grub:
>
> - remove _asn1_strcat and replace strcat with the bound-checked
>_asn1_str_cat except the one inside _asn1_str_cat. That strcat
that the difference between upstream and grub is smaller,
> which should make updating libtasn1 easier in the future.
>
> With these exclusions we also avoid the need for minmax.h,
> which is convenient because it means we don't have to
> import it from gnulib.
>
>
libtasn1-4.19.0/lib/includes/libtasn1.h grub-core/lib/libtasn1/
> rm -rf libtasn1-4.19.0*
>
> Signed-off-by: Daniel Axtens
> Signed-off-by: Gary Lin
> Reviewed-by: Vladimir Serbinenko
Reviewed-by: Daniel Kiper
Daniel
___
Grub-devel
On Fri, Jun 14, 2024 at 06:26:00PM +0200, Tobias Heider wrote:
> On Fri, Jun 14, 2024 at 06:03:23PM +0200, Daniel Kiper wrote:
> > On Wed, Jun 12, 2024 at 01:12:28PM +0200, Tobias Heider wrote:
> > > The fdtdump command allows dumping arbitrary device tree properties
> >
rd_packet should be
> effectively removed. According to test results, the delay has
> disappeared, and it is now much easier to use interactively.
>
> Signed-Off-by: Michael Chang
> Tested-by: Tony Jones
Reviewed-by: Daniel Kiper
Daniel
_
On Thu, May 16, 2024 at 09:43:46PM +0300, Vladimir Serbinenko wrote:
> In some cases like loading kernel from native disk (e.g. nvme) not
> supported by EFI in question efi stub is not an option. Allow
> user to disable efi stub and fallback to older protocol
I think this patch should be considere
On Thu, May 16, 2024 at 10:42:25PM +0300, Vladimir Serbinenko wrote:
> Signed-off-by: Vladimir Serbinenko
> ---
> grub-core/Makefile.core.def | 1 +
> grub-core/fs/zfs/zfs.c | 32
> include/grub/zfs/zio.h | 1 +
> 3 files changed, 34 insertions(+)
>
>
On Mon, Jun 10, 2024 at 11:35:11AM +0530, Mukesh Kumar Chaurasiya wrote:
> Sometimes, when booting from a very busy SAN, the access to the
> disk can fail and then GRUB will eventually drop to GRUB prompt.
> This scenario is more frequent when deploying many machines at
> the same time using the sa
On Mon, Jun 10, 2024 at 11:29:56AM +0530, Mukesh Kumar Chaurasiya wrote:
> The information about "vscsi-report-luns" data is a list of disk details
> with pairs of memory addresses and lengths.
>
> 8 bytes 8 bytes
> lun-addr ---> 8 byte
On Wed, Jun 12, 2024 at 01:12:29PM +0200, Tobias Heider wrote:
> Signed-off-by: Tobias Heider
> ---
> docs/grub.texi | 26 ++
> 1 file changed, 26 insertions(+)
>
> diff --git a/docs/grub.texi b/docs/grub.texi
> index f3bdc2564..a050dc0fc 100644
> --- a/docs/grub.texi
> ++
On Wed, Jun 12, 2024 at 01:12:28PM +0200, Tobias Heider wrote:
> The fdtdump command allows dumping arbitrary device tree properties
> and saving them to a variable similar to the smbios command.
>
> This is useful in scripts where further actions such as selecting a
> kernel or loading another dev
On Thu, Jun 06, 2024 at 09:44:10PM +0530, Sudhakar Kuppusamy wrote:
> it reads the SBAT data from sbat.csv and create the ELF Note for it then
> store the SBAT data on it while generate image with -s option
May I ask you to use proper English sentences in the commit messages?
> Signed-off-by: Sud
hat exfatprogs is now needed and also
s/to not/to note/?
> exfat-fuse, which is needed do the fuse mount.
>
> Signed-off-by: Glenn Washburn
Otherwise Reviewed-by: Daniel Kiper ...
Daniel
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
uksdiskfile. The first
> sets it to the header file if $detached_header is set, otherwise leave it
> unset. The second statement sets it to itself if it is already set,
> otherwise it is set to $luksfile.
>
> Fixes: a7b540e6e (tests: Add cryptomount functional test)
> Signed-off
o use system firmwares or is not on a Debian system.
>
> Glenn
>
> Glenn Washburn (2):
> tests/util/grub-shell: Use pflash instead of -bios to load UEFI
> firmware
> tests/util/grub-shell: Add flexibility in QEMU firmware handling
For both patches Revi
1 - 100 of 2008 matches
Mail list logo