Re: GRUB trusted boot framework

2009-02-27 Thread Robert Millan
On Sun, Feb 22, 2009 at 02:27:25PM +0100, Jan Alsenz wrote: If we could agree on this, then I think we could find a way to extend the GRUB module system to fully allow this. From my point of view the minimal needed features for these systems are: - easy exchange of the MBR binary to be

Re: GRUB trusted boot framework

2009-02-23 Thread Jan Alsenz
phcoder wrote: Jan Alsenz wrote: phcoder wrote: Oh, I want! If I remember correctly, exactly this broke the protection on some game console! Do you refer to Xbox crack based on King Kong game? For once their goal is the evil one. For second the problem is a buffer overflow in rendering

GRUB trusted boot framework

2009-02-22 Thread Jan Alsenz
Hello! Alright, let's try to end the pointless (in the sense, that I guess no one here, including myself, will change their opinion anytime soon) TPM discussion and get something done. First I'd say we can agree, that we don't agree on whether/how to use a TPM. I don't know about you, but I can

Re: GRUB trusted boot framework

2009-02-22 Thread phcoder
- hooks for any disk read (not sure if write is necessary) This way how trusted grub does it is an ad-hoc solution which results in a MESS. They just try to hash and rehash everything without design. So if grub is instructed to load all modules in a directory and filesystem is reindexed then

Re: GRUB trusted boot framework

2009-02-22 Thread Jan Alsenz
phcoder wrote: - hooks for any disk read (not sure if write is necessary) This way how trusted grub does it is an ad-hoc solution which results in a MESS. They just try to hash and rehash everything without design. So if grub is instructed to load all modules in a directory and filesystem is

Re: GRUB trusted boot framework

2009-02-22 Thread phcoder
Ok, but you're already talking of a specific solution here. My conclusion would be: The hooks need to be able to determine the filename, that is currently read. And then also where it comes from but some files may have different filenames. IMO the solution work independently of the order of files

Re: GRUB trusted boot framework

2009-02-22 Thread Vesa Jääskeläinen
Hi All, Ok. Please keep the fighting of TPM out of this thread ;). Let's keep it to the topic first... (I am already waiting for summary of that other discussion at some point ;)) Jan Alsenz wrote: Next I think we can agree, that some sort of trusted boot chain can be useful. Also there

Re: GRUB trusted boot framework

2009-02-22 Thread Jan Alsenz
phcoder wrote: Ok, but you're already talking of a specific solution here. My conclusion would be: The hooks need to be able to determine the filename, that is currently read. And then also where it comes from but some files may have different filenames. IMO the solution work independently of

Re: GRUB trusted boot framework

2009-02-22 Thread phcoder
Do you know if it is possible to determine where the files come from? Well it's possible looking at filename and root drive but it's not reliable (e.g. ata0 can be hd0 but also hd1, when we'll have network support it will be even less obvious. Actually it's something grub2's architecture is

Re: GRUB trusted boot framework

2009-02-22 Thread Jan Alsenz
Vesa Jääskeläinen wrote: Hi All, Ok. Please keep the fighting of TPM out of this thread ;). Let's keep it to the topic first... (I am already waiting for summary of that other discussion at some point ;)) Jan Alsenz wrote: Next I think we can agree, that some sort of trusted boot chain

Re: GRUB trusted boot framework

2009-02-22 Thread Vesa Jääskeläinen
Jan Alsenz wrote: Vesa Jääskeläinen wrote: I do like the idea what some protected systems use, they sign the binary (in our case .mod file and kernels of loaded OSes). Now in that scenario it is responsibility of the kernel module loader to first verify the signature for correctness. This way

Re: GRUB trusted boot framework

2009-02-22 Thread Jan Alsenz
Vesa Jääskeläinen wrote: Jan Alsenz wrote: Vesa Jääskeläinen wrote: I do like the idea what some protected systems use, they sign the binary (in our case .mod file and kernels of loaded OSes). Now in that scenario it is responsibility of the kernel module loader to first verify the signature

Re: GRUB trusted boot framework

2009-02-22 Thread Jan Alsenz
phcoder wrote: Oh, I want! If I remember correctly, exactly this broke the protection on some game console! Do you refer to Xbox crack based on King Kong game? For once their goal is the evil one. For second the problem is a buffer overflow in rendering engine, not the not checking part. If

Re: GRUB trusted boot framework

2009-02-22 Thread phcoder
Jan Alsenz wrote: phcoder wrote: Oh, I want! If I remember correctly, exactly this broke the protection on some game console! Do you refer to Xbox crack based on King Kong game? For once their goal is the evil one. For second the problem is a buffer overflow in rendering engine, not the not