On 13.11.2013 03:27, Josh Triplett wrote:
> 2013-11-13 Josh Triplett
>
> * grub-core/kern/x86_64/efi/startup.S (_start): Align the stack to a
> 16-byte boundary, as required by the x86-64 ABI, before calling
> grub_main. In some cases, GCC emits code that assumes this
>
grub-core/normal/progress.c was added in commit
c06c75201cdfd8b8bc853c05d751258d3256933d along with a number of
unrelated changes, and does not appear to be referenced anywhere else.
Should it be deleted again?
--
Colin Watson [cjwat...@ubuntu.com]
_
On 19.11.2013 21:25, Colin Watson wrote:
> grub-core/normal/progress.c was added in commit
> c06c75201cdfd8b8bc853c05d751258d3256933d along with a number of
> unrelated changes, and does not appear to be referenced anywhere else.
> Should it be deleted again?
>
True it was mismerge between my temp
Hi,
yesterday I realised, that GRUB is already supporting LUKS and even
simple DSA signature checking.
I was thinking about the following setup:
- fully encrypted harddisk (LUKS) (incl. rootfs).
- no bootloader on harddisk
- kernel + initrd inside encrypted partition
- optionally: signatu
On Wed, 20 Nov 2013 00:43:37 +0100
Ralf Ramsauer wrote:
> Hi,
>
> yesterday I realised, that GRUB is already supporting LUKS and even
> simple DSA signature checking.
>
> I was thinking about the following setup:
> - fully encrypted harddisk (LUKS) (incl. rootfs).
> - no bootloader on hardd
On Tue, Nov 19, 2013 at 07:31:35PM -0600, Glenn Washburn wrote:
> I've had this setup ever since grub had LUKS support, except for the
> signature checking. I don't really see the point of checking
> signatures if the kernel and initrd are encrypted.
You're setting yourself up for a *lot* of pain
On Tue, 19 Nov 2013 17:55:40 -0800
Elliott Mitchell wrote:
> On Tue, Nov 19, 2013 at 07:31:35PM -0600, Glenn Washburn wrote:
> > I've had this setup ever since grub had LUKS support, except for the
> > signature checking. I don't really see the point of checking
> > signatures if the kernel and
On 20.11.2013 06:43, Glenn Washburn wrote:
> Modifying the cipher text just
> manifests as random data corruption of the plain text device, again not
> a security issue and nothing that signatures would prevent.
It's a security threat. Imagine you have somewhere a routine which
verifies SSH-key whe
On Tue, Nov 19, 2013 at 11:43:12PM -0600, Glenn Washburn wrote:
> On Tue, 19 Nov 2013 17:55:40 -0800
> Elliott Mitchell wrote:
>
> > On Tue, Nov 19, 2013 at 07:31:35PM -0600, Glenn Washburn wrote:
> > > I've had this setup ever since grub had LUKS support, except for the
> > > signature checking.
On 20.11.2013 07:42, Elliott Mitchell wrote:
> On Tue, Nov 19, 2013 at 11:43:12PM -0600, Glenn Washburn wrote:
>> On Tue, 19 Nov 2013 17:55:40 -0800
>> Elliott Mitchell wrote:
>>
>>> On Tue, Nov 19, 2013 at 07:31:35PM -0600, Glenn Washburn wrote:
I've had this setup ever since grub had LUKS s
On Wed, 20 Nov 2013 06:48:40 +0100
Vladimir 'φ-coder/phcoder' Serbinenko wrote:
> On 20.11.2013 06:43, Glenn Washburn wrote:
> > Modifying the cipher text just
> > manifests as random data corruption of the plain text device, again
> > not a security issue and nothing that signatures would preven
On 20.11.2013 08:02, Glenn Washburn wrote:
> On Wed, 20 Nov 2013 06:48:40 +0100
> Vladimir 'φ-coder/phcoder' Serbinenko wrote:
>
>> On 20.11.2013 06:43, Glenn Washburn wrote:
>>> Modifying the cipher text just
>>> manifests as random data corruption of the plain text device, again
>>> not a secur
12 matches
Mail list logo
