Re: Signature verification in GRUB

2012-10-18 Thread Geoffrey Thomas
On Thu, 18 Oct 2012, Vladimir 'φ-coder/phcoder' Serbinenko wrote: http://code.google.com/p/cryptsetup/wiki/DMVerity is the official documentation. Briefly, you generate a salted hash tree of each block (and in turn of the blocks containing the hashes) until you get a root hash. So with a truste

Re: Signature verification in GRUB

2012-10-18 Thread Vladimir 'φ-coder/phcoder' Serbinenko
On 15.10.2012 23:33, Geoffrey Thomas wrote: > On Sat, 13 Oct 2012, Vladimir 'φ-coder/phcoder' Serbinenko wrote: > >>> First, does GRUB have a mechanism for me to validate a digitally-signed >>> file of some sort? This could be e.g. a PGP-signed file or something >>> from `openssl dgst -sign`. I se

Re: Signature verification in GRUB

2012-10-15 Thread Geoffrey Thomas
On Sat, 13 Oct 2012, Vladimir 'φ-coder/phcoder' Serbinenko wrote: First, does GRUB have a mechanism for me to validate a digitally-signed file of some sort? This could be e.g. a PGP-signed file or something from `openssl dgst -sign`. I see that GRUB has all the relevant crypto primitives to do th

Re: Signature verification in GRUB

2012-10-13 Thread Vladimir 'φ-coder/phcoder' Serbinenko
On 10.10.2012 00:54, Geoffrey Thomas wrote: > Hi GRUB list, > > I'm working on adding verified boot / Secure Boot support to my > company's OS-level product (MokaFive BareMetal). As background, we use > whole-image updates to help with reliable unattended upgrades and for > debugging; an upgrade

Re: Signature verification in GRUB

2012-10-10 Thread Chris Murphy
On Oct 10, 2012, at 12:33 PM, Matthew Garrett wrote: > On Tue, Oct 09, 2012 at 06:32:49PM -0600, Chris Murphy wrote: > >> Basically Fedora 18 will be the first Fedora to support UEFI Secure >> Boot. They are moving to a shim bootloader before GRUB2 because GRUB2 >> is GPLv3 licensed, which req

Re: Signature verification in GRUB

2012-10-10 Thread Matthew Garrett
On Tue, Oct 09, 2012 at 06:32:49PM -0600, Chris Murphy wrote: > Basically Fedora 18 will be the first Fedora to support UEFI Secure > Boot. They are moving to a shim bootloader before GRUB2 because GRUB2 > is GPLv3 licensed, which requires making signing keys available > (Installation Method re

Re: Signature verification in GRUB

2012-10-09 Thread Geoffrey Thomas
On Tue, 9 Oct 2012, Chris Murphy wrote: Google "secure boot" site:mjg59.dreamwidth.org Basically Fedora 18 will be the first Fedora to support UEFI Secure Boot. They are moving to a shim bootloader before GRUB2 because GRUB2 is GPLv3 licensed, which requires making signing keys available (In

Re: Signature verification in GRUB

2012-10-09 Thread Chris Murphy
Google "secure boot" site:mjg59.dreamwidth.org Basically Fedora 18 will be the first Fedora to support UEFI Secure Boot. They are moving to a shim bootloader before GRUB2 because GRUB2 is GPLv3 licensed, which requires making signing keys available (Installation Method requirement) so users can

Signature verification in GRUB

2012-10-09 Thread Geoffrey Thomas
Hi GRUB list, I'm working on adding verified boot / Secure Boot support to my company's OS-level product (MokaFive BareMetal). As background, we use whole-image updates to help with reliable unattended upgrades and for debugging; an upgrade is delivered as a new ISO image, and we have GRUB con