On Tue, 14 Nov 2023, 03:19 Glenn Washburn,
wrote:
> On Mon, 13 Nov 2023 17:18:50 +0100
> Daniel Kiper wrote:
>
> > On Sun, Nov 12, 2023 at 08:22:42AM +0100, Heinrich Schuchardt wrote:
> > > On 11/12/23 04:23, Glenn Washburn wrote:
> > > > The canary, __stack_chk_guard, is in the BSS and so will
On Thu, 24 Aug 2023 at 15:54, Paul Menzel wrote:
>
> Dear Dimitri,
>
>
> Thank you for your answer.
>
> Am 08.08.23 um 17:25 schrieb Dimitri John Ledkov:
> > On Sat, 29 Jul 2023 at 06:54, Paul Menzel wrote:
>
> >> On x86 microcode updates often are recommend
#include ascii art of can of worms here
On Tue, 8 Aug 2023 at 17:27, Ard Biesheuvel wrote:
>
> On Tue, 8 Aug 2023 at 17:34, Dimitri John Ledkov
> wrote:
> >
> > On Mon, 7 Aug 2023, 13:23 Ard Biesheuvel, wrote:
> > >
> > > Recent mixed-mode Linux kerne
On Mon, 7 Aug 2023, 13:23 Ard Biesheuvel, wrote:
>
> Recent mixed-mode Linux kernels (i.e., v4.0 or newer) can access EFI
> runtime services at OS runtime even when the OS was not entered via the
> EFI stub. This is because, instead of reverting back to the firmware's
> segment selectors, GDTs and
On Sat, 29 Jul 2023 at 06:54, Paul Menzel wrote:
>
> Dear GRUB folks,
>
>
> On x86 microcode updates often are recommended to be applied to fix
> bugs. Just recently new microcode updates where published for AMD Zen 2
> processors to fix “Zenbleed” [1].
>
> Currently, these updates are shipped and
On Wed, 26 Jul 2023, 23:03 Vladimir 'phcoder' Serbinenko,
wrote:
> Have you considered that some firmwares brick if EFI storage is over 50%
> full? Why not having a file on ESP instead?
>
Yes bricking did happen before. It was triggered by excessive runtime
updates of bootloader settings. It did
On Fri, 23 Jun 2023 at 15:12, Ard Biesheuvel wrote:
>
> On Fri, 23 Jun 2023 at 15:46, Tobias Powalowski
> wrote:
> >
> >
> >
> > Am Fr., 23. Juni 2023 um 15:41 Uhr schrieb Ard Biesheuvel :
> >>
> >> On Thu, 22 Jun 2023 at 11:41, Tobias Powalowski
> >> wrote:
> >> >
> >> > Hi tackled it down to t
Hi,
On Fri, 23 Jun 2023 at 14:46, Tobias Powalowski via Grub-devel
wrote:
>
>
>
> Am Fr., 23. Juni 2023 um 15:41 Uhr schrieb Ard Biesheuvel :
>>
>> On Thu, 22 Jun 2023 at 11:41, Tobias Powalowski
>> wrote:
>> >
>> > Hi tackled it down to this commit:
>> > https://git.savannah.gnu.org/cgit/grub.g
Yes yes yes yes. Signed dtb in grub at last.
On Wed, 7 Dec 2022, 03:16 Michael Chang via Grub-devel,
wrote:
> On Tue, Dec 06, 2022 at 11:09:57AM -0500, Robbie Harwood wrote:
> > Zhang Boyang writes:
> >
> > > Since font files can be wrapped as PE images by grub-wrap, use shim to
> > > verify fo
Only perform call to fwsetup if one is on EFI platform. On all other
platorms fwsetup command does not exists, and thus returns 0 and a
useless uefi-firmware menuentry gets generated.
Signed-off-by: Dimitri John Ledkov
---
util/grub.d/30_uefi-firmware.in | 12 +++-
1 file changed, 7
On Tue, 30 Aug 2022 at 21:22, Robbie Harwood wrote:
>
> Philip Müller writes:
>
> >> Hello Robbie, hello Daniel,
> >>
> >> with the commit 26031d3b101648352e4e427f04bf69d320088e77
> >> 30_uefi-firmware will always call `fwsetup --is-supported' to check
> >> if the system supports EFI or not. Howe
Hi,
This is interesting. I had to work around this same issue in loopback
to allow chainloading from loopback devices see
https://github.com/rhboot/grub2/commit/0e5cb733f3cb227293ea58397ea10891519095f0
On Fri, 26 Aug 2022 at 05:34, Glenn Washburn
wrote:
>
> The EFI chainloader checks that a de
There is no need for that code on any signed grubs or upstream. Ports that
want to support this patch can have it conditionally compiled / enabled
only on that arch, but not other.
For example, in Ubuntu we already use separate builds for signed & unsigned
bootloaders. Or one may keep grub-2.06 as
>>
>> Huh, I've never seen that before... thanks, I'm gonna give it a try and
>> report back!
>>
>> On Tue, May 10, 2022 at 4:44 PM Dimitri John Ledkov
>> wrote:
>>>
>>> On Tue, 10 May 2022 at 15:07, Łukasz Piątkowski wrote:
>>&
use the same certificate to sign both kernel and modules.
> Netscape Comment:
> OpenSSL Generated Certificate
> Signature Algorithm: sha256WithRSAEncryption
> Signature Value: [cut]
>
> On Tue, May 10, 2022 at 3:26 PM Dimitri John Ledkov
>
the MOK key as generated by Ubuntu/Debian tooling, creates a signing
certificate that self-limits itself to only support Kernel Module
signing.
Signatures made by such certificate, are not trusted by shim for the
purpose of code signing of bootloaders (i.e. grub) or kernels (i.e.
linux).
I also res
On Tue, Sep 7, 2021 at 10:30 AM Olaf Hering wrote:
>
> On Mon, Sep 06, Vladimir 'phcoder' Serbinenko wrote:
>
> > Le lun. 6 sept. 2021 à 12:49, Olaf Hering a écrit :
> > For some reason global variables are not seen in a submenu {} section.
> > Does anyone happen to know why this behavior
On Wed, Aug 18, 2021 at 6:51 PM Petr Vorel wrote:
>
> Hi,
>
> > Personally I would just change it to "set PYTHON to python3 if not set" and
> > that's it.
> Why bothering user to set environment variable when autodetection is possible?
>
> > Python2 is irrelevant.
> Fair enough for me to drop pyth
Personally I would just change it to "set PYTHON to python3 if not set" and
that's it.
Python2 is irrelevant.
On Fri, 6 Aug 2021, 07:45 Petr Vorel, wrote:
> It help to avoid error on distros which has only python3 binary:
> ./autogen.sh: line 20: python: command not found
>
> Using bash builtin
On Wed, Jul 7, 2021 at 2:52 PM Daniel Kiper wrote:
>
> On Sun, Jun 13, 2021 at 03:11:51PM +0200, Marius Bakke wrote:
> > The 'ide-drive' device was removed in QEMU 6.0.
>
> Could you add your Signed-off-by?
>
> > * tests/ahci_test.in (outfile): s/ide-drive/ide-hd/
>
> Please drop this.
>
> > ---
>
secureboot on with grub&kernel going
into lockdown without any extra steps or code.
So we probably have a bug somewhere, as others have started to triage
already.
> Thanks,
>
> Sayanta
>
> *From:* Dimitri John Ledkov
> *Sent:* Thursday, July 8, 2021 4:21 PM
> *To:*
On Thu, 8 Jul 2021, 13:05 Michael Chang via Grub-devel,
wrote:
> Hi Dimitri,
>
> On Thu, Jul 08, 2021 at 11:51:25AM +0100, Dimitri John Ledkov wrote:
> > Hi,
> >
> > The below mentioned commands are useful. Hence we need to debug this
> > further and establish
Hi,
The below mentioned commands are useful. Hence we need to debug this
further and establish further details about your setup.
1) which keys are in DB? ( mokutil --db --list-enrolled )
2) which keys are used to sign grub image? ( sbverify --list grub*.efi )
3) which keys are used to sign grub
Hi,
I have proposed a more generic patch to handle devicetree stanaza
before see https://lists.gnu.org/archive/html/grub-devel/2019-05/msg00121.html
Fedora separately ships a similarish patch as well
I have no idea why many distributions ship integration to generate
devicetree commands in grub.c
is also cleaned / backed up / restored.
Signed-off-by: Dimitri John Ledkov
---
Changes since v5:
- use xstrdup
- change ponr flag from int, to a setter function
- ensure that all ponr things are guarded with HAVE_ATEXIT check
configure.ac| 2 +-
include/grub/util/install
From: Dimitri John Ledkov
Refactor clean_grub_dir to create a backup of all the files, instead
of just irrevocably removing them as the first action. If available,
register atexit handle to restore the backup if errors occur before
point of no return, or remove the backup if everything was
is also cleaned / backed up / restored.
Signed-off-by: Dimitri John Ledkov
---
configure.ac| 2 +-
include/grub/util/install.h | 13
util/grub-install-common.c | 140
util/grub-install.c | 33 ++---
util/grub-mk
On Tue, 4 May 2021 at 18:41, Daniel Kiper wrote:
>
> Hey,
>
> In general much better but...
>
> On Thu, Apr 29, 2021 at 12:36:37PM +0100, Dimitri John Ledkov wrote:
> > Refactor clean_grub_dir to create a backup of all the files, instead
> > of just irrevocably rem
On Mon, May 3, 2021 at 6:09 AM Michael Chang via Grub-devel
wrote:
>
> On Thu, Apr 29, 2021 at 12:36:37PM +0100, Dimitri John Ledkov wrote:
> > Refactor clean_grub_dir to create a backup of all the files, instead
> > of just irrevocably removing them as the first ac
space to complete grub-install.
Also add modinfo.sh and *.efi to the cleanup/backup/restore codepath,
to ensure it is also cleaned / backed up / restored.
Signed-off-by: Dimitri John Ledkov
---
Changes since v2:
- switch from on_exit, to atexit
- introduce point of no return flag, as atexit does
parent. This is usually not desired, and can
lead to deadlocks, and undesired behaviour.
This patch fixes up "unix exec: avoid atexit handlers when child
exits" further.
Fixes e75cf4a58b5eaf482804e5e1b2cc7d4399df350e
Signed-off-by: Dimitri John Ledkov
---
grub-core/osdep/unix/exec.c |
On Thu, Mar 11, 2021 at 11:44 AM Dimitri John Ledkov
wrote:
>
> The patch from
> https://lists.gnu.org/archive/html/grub-devel/2020-10/msg00122.html
>
> Is still not applied, and yet it is required to boot armhf linux
> kernel in qemu OVMF with grub.
>
> It is applied
The patch from
https://lists.gnu.org/archive/html/grub-devel/2020-10/msg00122.html
Is still not applied, and yet it is required to boot armhf linux
kernel in qemu OVMF with grub.
It is applied in rhboot/grub2
https://src.fedoraproject.org/rpms/grub2/blob/rawhide/f/0143-Make-linux_arm_kernel_head
On Fri, Mar 5, 2021 at 1:34 PM Michael Chang wrote:
>
> On Fri, Mar 05, 2021 at 12:21:49PM +, Dimitri John Ledkov wrote:
> > This is not an oversight but intentional.
> >
> > Currently there is no chainloader support with SBAT as further
> > development is requir
This is not an oversight but intentional.
Currently there is no chainloader support with SBAT as further
development is required to ensure policy is applied correctly. Once
SBAT support for chainloading is defined, it will be introduced.
And yes it is intended to continue to allow "boot windows"
Hi,
On Wed, 9 Dec 2020 at 05:15, Michael Chang wrote:
>
> On Tue, Dec 08, 2020 at 05:58:40AM +, Dimitri John Ledkov wrote:
> > On Tue, 8 Dec 2020, 03:17 Michael Chang, wrote:
> >
> > > On Mon, Dec 07, 2020 at 12:37:28PM +, Dimitri John Ledkov wrote:
> &g
On Tue, 8 Dec 2020, 03:17 Michael Chang, wrote:
> On Mon, Dec 07, 2020 at 12:37:28PM +0000, Dimitri John Ledkov wrote:
> > Refactor clean_grub_dir to create a backup of all the files, instead
> > of just irrevocably removing them as the first action. If available,
> > regis
not
actually updating any MBR. This increases peak disk-usage slightly, by
requiring temporarily twice the disk space to complete grub-install.
Also add modinfo.sh to the cleanup/backup/restore codepath, to ensure
it is also cleaned / backed up / restored.
Signed-off-by: Dimitri John Ledkov
---
Cha
not
actually updating any MBR. This increases peak disk-usage slightly, by
requiring temporarily twice the disk space to complete grub-install.
Also add modinfo.sh to the cleanup/backup/restore codepath, to ensure
it is also cleaned / backed up / restored.
Signed-off-by: Dimitri John Le
On Wed, 29 Jul 2020 at 21:20, John Paul Adrian Glaubitz
wrote:
>
> On 7/29/20 10:12 PM, Christian Hesse wrote:
> > This does not apply on top of grub 2.04. Will downstream maintainers have to
> > do their cherry-picking on its own or will a maintenance branch on top of
> > grub-2.04 (or what ever)
On Tue, 2 Jun 2020, 13:53 Vladimir 'phcoder' Serbinenko,
wrote:
>
>
> On Tue, Jun 2, 2020, 13:21 Dimitri John Ledkov wrote:
>
>> On Tue, 2 Jun 2020 at 12:12, Vladimir 'phcoder' Serbinenko
>> wrote:
>> >
>> >
>> >
>>
On Tue, 2 Jun 2020 at 12:12, Vladimir 'phcoder' Serbinenko
wrote:
>
>
>
> On Mon, Jun 1, 2020, 15:21 Chris Coulson wrote:
>>
>> When a file is verified, the entire contents of the verified file are
>> loaded in to memory and retained until the file handle is closed. A
>> consequence of this is th
There should be a slightly more recent version of the patch which changes
the label to "UEFI Firmware Settings" which more consistent with vendor
Bios documentation, GUI tools, systemctl, and Windows 10. We are currently
trying to have that label consistently everywhere in Ubuntu.
I was thinking t
Dev, wrote:
> hi
>
> On 3/19/20 5:57 PM, Dimitri John Ledkov wrote:
>
>
> > What is the bug number there?
>
>
>
>
> https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1868138
>
>
>
> > In general, we advise to customize via grub.d drop-in files ins
Have you opened a launchpad bug report against the grub2 package with both
configs before and after? What is the bug number there?
In general, we do parse and rewrite configs using debconf which is Perl / C
/ Shell processing using tools external to grub. In general, we advise to
customize via gru
On Fri, 5 Jul 2019 at 13:48, David Michael wrote:
>
> The following are two use cases from Rajat Jain :
>
> 1) We have a board that boots Linux and this board itself can be plugged into
> one of different chassis types. We need to pass different parameters to the
> kernel based on the "CHASSIS_T
On Tue, 28 May 2019 at 12:01, Leif Lindholm wrote:
>
> On Tue, May 28, 2019 at 11:27:08AM +0200, Daniel Kiper wrote:
> > On Thu, May 23, 2019 at 10:31:13PM +0100, Dimitri John Ledkov wrote:
> > > Specifically support dtb paths as created by flash-kernel package on
> > &
C630, and HP Envy
X2.
Signed-off-by: Dimitri John Ledkov
---
util/grub.d/10_linux.in | 15 +++
1 file changed, 15 insertions(+)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index 4532266be..bb6c8912f 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
48 matches
Mail list logo
