R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
Hi ! THANKS VERY MUCH. I've subscibed my email to the list. It is a very important topic for me. I hope to receive a reply. Thanks in advance to remember me !!! Best Regards. Vincenzo. Forensic Consultant Tribunale di Lecce Studio: Strada di Garibaldi - Contrada Paradisi 73010 Lequile (LE) cell: 339.7968555 skype: vincenzo.di_salvo Messaggio originale Da: l...@xenhideout.nl Data: 14-ott-2017 23.28 A: <grub-devel@gnu.org> Ogg: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ? This topic. ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
This topic. ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
R: Re: R: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
Thanks very much, Colin. Vincenzo. Forensic Consultant Tribunale di Lecce Studio: Strada di Garibaldi - Contrada Paradisi 73010 Lequile (LE) cell: 339.7968555 skype: vincenzo.di_salvo Messaggio originale Da: cjwat...@ubuntu.com Data: 18-lug-2017 13.28 A: "ingegneriafore...@alice.it"<ingegneriafore...@alice.it> Cc: <grub-devel@gnu.org> Ogg: Re: R: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ? On Tue, Jul 18, 2017 at 12:38:33PM +0200, ingegneriafore...@alice.it wrote: > I've read with interest your reply and i gave a look at the grub code. > > You wrote an important assertion: "GRUB intentionally has no filesystem > writing support". > > So, the writing operations that grub can do, only be sent to a pre-allocated > memory regions of the disk different in any case from that allocated by the > OS for the filesystem, where the user data are stored. > > This means that grub never can corrupt the user data. > > Please, can you confirm if this my conclusion is right ? Because is this > the crucial question i need to solve. I would never want to rule out the possibility of strange bugs, but that is certainly the design. -- Colin Watson [cjwat...@ubuntu.com] ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
Re: R: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
On Tue, Jul 18, 2017 at 12:38:33PM +0200, ingegneriafore...@alice.it wrote: > I've read with interest your reply and i gave a look at the grub code. > > You wrote an important assertion: "GRUB intentionally has no filesystem > writing support". > > So, the writing operations that grub can do, only be sent to a pre-allocated > memory regions of the disk different in any case from that allocated by the > OS for the filesystem, where the user data are stored. > > This means that grub never can corrupt the user data. > > Please, can you confirm if this my conclusion is right ? Because is this > the crucial question i need to solve. I would never want to rule out the possibility of strange bugs, but that is certainly the design. -- Colin Watson [cjwat...@ubuntu.com] ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
R: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
Dear Colin, I've read with interest your reply and i gave a look at the grub code. You wrote an important assertion: "GRUB intentionally has no filesystem writing support". So, the writing operations that grub can do, only be sent to a pre-allocated memory regions of the disk different in any case from that allocated by the OS for the filesystem, where the user data are stored. This means that grub never can corrupt the user data. Please, can you confirm if this my conclusion is right ? Because is this the crucial question i need to solve. Thanks in advance. Best Regards. Vincenzo. Forensic Consultant Tribunale di Lecce Studio: Strada di Garibaldi - Contrada Paradisi 73010 Lequile (LE) cell: 339.7968555 skype: vincenzo.di_salvo Messaggio originale Da: cjwat...@ubuntu.com Data: 17-lug-2017 19.48 A: <grub-devel@gnu.org> Ogg: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ? On Mon, Jul 17, 2017 at 07:21:49PM +0200, ingegneriafore...@alice.it wrote: > CAN GRUB IMPLICITLY WRITE TO A DRIVE ATTACHED TO A COMPUTER ? > > Implicitly means: without an explicit command from a user. Please stop SHOUTING; it's generally considered rather rude. GRUB intentionally has no general filesystem writing support. As far as I'm aware there are exactly four ways for it to send any write commands to disks: 1) The "save_env" command (grub-core/commands/loadenv.c) which writes key/value pairs to a small preallocated region of disk. This is used to communicate small amounts of information to the OS, such as whether the last request to boot a particular menu entry on only the next boot has been completed. 2) The "gptsync" command (grub-core/commands/gptsync.c), which does some MBR/GPT partition table mangling needed on some Apple models. 3) The similar "mactelbless" and "macppcbless" commands (grub-core/commands/macbless.c), which configure a file/directory on some Apple filesystems to be the 'blessed' boot image for that filesystem. 4) The "parttool" command (grub-core/commands/parttool.c, grub-core/parttool/), which can be used to make various modifications to MBR partition table entries. GRUB is scriptable, so it isn't possible to give a general answer to your question for all systems that might have custom configurations, but the default configuration files only use the "save_env" and "parttool" commands, the latter only in the case where a chainloadable operating system was detected on a disk using the MBR partition table format. In either case, it isn't going to write to a random USB device that's attached to a machine, although save_env might write to the device it believes holds /boot/grub/grubenv. The low-level disk handling code is in grub-core/disk/. -- Colin Watson [cjwat...@ubuntu.com] ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
R: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
Dear Colin, I apologize with you. I've used uppercase letter to only put in evidence my question. I had no intention to shouting. Thank very much. Your reply is what i was looking for. Best Regards. Vincenzo. Forensic Consultant Tribunale di Lecce Studio: Strada di Garibaldi - Contrada Paradisi 73010 Lequile (LE) cell: 339.7968555 skype: vincenzo.di_salvo Messaggio originale Da: cjwat...@ubuntu.com Data: 17-lug-2017 19.48 A: <grub-devel@gnu.org> Ogg: Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ? On Mon, Jul 17, 2017 at 07:21:49PM +0200, ingegneriafore...@alice.it wrote: > CAN GRUB IMPLICITLY WRITE TO A DRIVE ATTACHED TO A COMPUTER ? > > Implicitly means: without an explicit command from a user. Please stop SHOUTING; it's generally considered rather rude. GRUB intentionally has no general filesystem writing support. As far as I'm aware there are exactly four ways for it to send any write commands to disks: 1) The "save_env" command (grub-core/commands/loadenv.c) which writes key/value pairs to a small preallocated region of disk. This is used to communicate small amounts of information to the OS, such as whether the last request to boot a particular menu entry on only the next boot has been completed. 2) The "gptsync" command (grub-core/commands/gptsync.c), which does some MBR/GPT partition table mangling needed on some Apple models. 3) The similar "mactelbless" and "macppcbless" commands (grub-core/commands/macbless.c), which configure a file/directory on some Apple filesystems to be the 'blessed' boot image for that filesystem. 4) The "parttool" command (grub-core/commands/parttool.c, grub-core/parttool/), which can be used to make various modifications to MBR partition table entries. GRUB is scriptable, so it isn't possible to give a general answer to your question for all systems that might have custom configurations, but the default configuration files only use the "save_env" and "parttool" commands, the latter only in the case where a chainloadable operating system was detected on a disk using the MBR partition table format. In either case, it isn't going to write to a random USB device that's attached to a machine, although save_env might write to the device it believes holds /boot/grub/grubenv. The low-level disk handling code is in grub-core/disk/. -- Colin Watson [cjwat...@ubuntu.com] ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
Re: R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
On Mon, Jul 17, 2017 at 07:21:49PM +0200, ingegneriafore...@alice.it wrote: > CAN GRUB IMPLICITLY WRITE TO A DRIVE ATTACHED TO A COMPUTER ? > > Implicitly means: without an explicit command from a user. Please stop SHOUTING; it's generally considered rather rude. GRUB intentionally has no general filesystem writing support. As far as I'm aware there are exactly four ways for it to send any write commands to disks: 1) The "save_env" command (grub-core/commands/loadenv.c) which writes key/value pairs to a small preallocated region of disk. This is used to communicate small amounts of information to the OS, such as whether the last request to boot a particular menu entry on only the next boot has been completed. 2) The "gptsync" command (grub-core/commands/gptsync.c), which does some MBR/GPT partition table mangling needed on some Apple models. 3) The similar "mactelbless" and "macppcbless" commands (grub-core/commands/macbless.c), which configure a file/directory on some Apple filesystems to be the 'blessed' boot image for that filesystem. 4) The "parttool" command (grub-core/commands/parttool.c, grub-core/parttool/), which can be used to make various modifications to MBR partition table entries. GRUB is scriptable, so it isn't possible to give a general answer to your question for all systems that might have custom configurations, but the default configuration files only use the "save_env" and "parttool" commands, the latter only in the case where a chainloadable operating system was detected on a disk using the MBR partition table format. In either case, it isn't going to write to a random USB device that's attached to a machine, although save_env might write to the device it believes holds /boot/grub/grubenv. The low-level disk handling code is in grub-core/disk/. -- Colin Watson [cjwat...@ubuntu.com] ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
R: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
Ok ... My question is: CAN GRUB IMPLICITLY WRITE TO A DRIVE ATTACHED TO A COMPUTER ? Implicitly means: without an explicit command from a user. That is: in which way GRUB manages the ports of a usb interface (IDE and SATA) ? There are two cases: 1- The PC is turned off. A USB stick is attached to it. The PC is turned on. Fundamentally the GRUB should take a look at the MBR to see the port which to boot from. So it should be only necessary a reading enable because there is no necessity to write in the usb interface registers (IDE and SATA). 2- CAN happen that the GRUB writes to the USB, IDE and SATA periferal drives during the normal user activity, for example when a USB stick is attached to a PC ? I do this question because i've seen a SAMSUNG Solid State Disk that when attached to a PC stores the times it has been turned on (in a memory area different from the user data ones). For this reason I'm wondering if is it possible to understand in which point of the source the GRUB manages the USB, IDE, and SATA interfaces. I hope you can assist me in this question. Obviously it no matter from where the usb, ide and sata drives come from (windows or mac). For my analisys i attach them to a ubuntu system. I hope you can assist me in this question. Thanks in advance. Vincenzo. Forensic Consultant Tribunale di Lecce Studio: Strada di Garibaldi - Contrada Paradisi 73010 Lequile (LE) cell: 339.7968555 skype: vincenzo.di_salvo Messaggio originale Da: l...@xenhideout.nl Data: 17-lug-2017 10.44 A: <grub-devel@gnu.org> Ogg: Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ? ingegneriafore...@alice.it schreef op 16-07-2017 23:37: > 1- After a PC restart (that is when the BIOS/UEFI has finished to > inizialize hardware periferals and give the control to the GRUB) i'm > interesting to know if GRUB implicitily (that is without an explicit > command from a user) can write to a drive attached to a computer. > For example: > A- the PC is turn off > B- I put an usb stick in the usb port (no matter if usb is bootable or > not); you can suppose usb stick is formatted NTFS > C- I turn on the PC > QUESTION: after the BIOS finish its procedure and gives the control to > the GRUB, the GRUB can do, in some way that i ignore, writing > operations into the USB drive attached to the usb port. > > The same question is for IDE and SATA drives (for example internal > attached Hard Disks different from the first containing the OS). I don't think you have specified your question very well. Is your question whether grub CAN do these things, or whether grub DOES do these things? ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
Re: CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
ingegneriafore...@alice.it schreef op 16-07-2017 23:37: 1- After a PC restart (that is when the BIOS/UEFI has finished to inizialize hardware periferals and give the control to the GRUB) i'm interesting to know if GRUB implicitily (that is without an explicit command from a user) can write to a drive attached to a computer. For example: A- the PC is turn off B- I put an usb stick in the usb port (no matter if usb is bootable or not); you can suppose usb stick is formatted NTFS C- I turn on the PC QUESTION: after the BIOS finish its procedure and gives the control to the GRUB, the GRUB can do, in some way that i ignore, writing operations into the USB drive attached to the usb port. The same question is for IDE and SATA drives (for example internal attached Hard Disks different from the first containing the OS). I don't think you have specified your question very well. Is your question whether grub CAN do these things, or whether grub DOES do these things? ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
Dear all, I'm new of this mailing list. I apologize with you for mistakes i can do in my question. Hoever I'll try to be as precise as possible. I work with UBUNTU 16.04. GRUB 2. 1- After a PC restart (that is when the BIOS/UEFI has finished to inizialize hardware periferals and give the control to the GRUB) i'm interesting to know if GRUB implicitily (that is without an explicit command from a user) can write to a drive attached to a computer. For example: A- the PC is turn off B- I put an usb stick in the usb port (no matter if usb is bootable or not); you can suppose usb stick is formatted NTFS C- I turn on the PC QUESTION: after the BIOS finish its procedure and gives the control to the GRUB, the GRUB can do, in some way that i ignore, writing operations into the USB drive attached to the usb port. The same question is for IDE and SATA drives (for example internal attached Hard Disks different from the first containing the OS). 2- Moreover, can you tell me if there are case where the GRUB communicates with the USB, IDE and SATA periferal drives during the normal user activity. For example when a USB stick is attached to a running PC is possible that GRUB does writing operations ? In both cases, can you briefly tell me the source files where these writing operations are programmed in the source of GRUB ? Detailed tips are welcome. Thanks very much in advance. Best Regards. Vincenzo. Forensic Consultant Tribunale di Lecce Studio: Strada di Garibaldi - Contrada Paradisi 73010 Lequile (LE) cell: 339.7968555 skype: vincenzo.di_salvo ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
CAN GRUB DO WRITING OPERATIONS ON ATTACHED DRIVES ?
Dear all, I'm new of this mailing list. I apologize with you for mistakes i can do in my question. Hoever I'll try to be as precise as possible. I work with UBUNTU 16.04. GRUB 2. 1- After a PC restart (that is when the BIOS/UEFI has finished to inizialize hardware periferals and give the control to the GRUB) i'm interesting to know if GRUB implicitily (that is without an explicit command from a user) can write to a drive attached to a computer. For example: A- the PC is turn off B- I put an usb stick in the usb port (no matter if usb is bootable or not); you can suppose usb stick is formatted NTFS C- I turn on the PC QUESTION: after the BIOS finish its procedure and gives the control to the GRUB, the GRUB can do, in some way that i ignore, writing operations into the USB drive attached to the usb port. The same question is for IDE and SATA drives (for example internal attached Hard Disks different from the first containing the OS). 2- Moreover, can you tell me if there are case where the GRUB communicates with the USB, IDE and SATA periferal drives during the normal user activity. For example when a USB stick is attached to a running PC is possible that GRUB does writing operations ? In both cases, can you briefly tell me the source files where these writing operations are programmed in the source of GRUB ? Detailed tips are welcome. Thanks very much in advance. Best Regards. Vincenzo. Forensic Consultant Tribunale di Lecce Studio: Strada di Garibaldi - Contrada Paradisi 73010 Lequile (LE) cell: 339.7968555 skype: vincenzo.di_salvo ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
