Re: [PATCH v1 11/15] grub-install: disable support for EFI platforms

On Sun, Nov 3, 2024 at 7:08 PM Neal Gompa wrote: > > On Thu, Oct 31, 2024 at 3:43 PM Leo Sandoval wrote: > > > > From: Jan Hlavac > > > > For each platform, GRUB is shipped as a kernel image and a set of > > modules. These files are then used by the grub-install utility to > > install GRUB on a

Re: [PATCH v21 33/33] docs: Document TPM2 key protector

On 11/4/24 2:32 AM, Gary Lin via Grub-devel wrote: Update the user manual to address TPM2 key protector including the two related commands, tpm2_key_protector_init and tpm2_key_protector_clear, and the user-space utility: grub-protect. Signed-off-by: Gary Lin --- docs/grub.texi | 512 ++

Re: [PATCH v21 23/33] key_protector: Add TPM2 Key Protector

On 11/4/24 2:31 AM, Gary Lin wrote: From: Hernan Gatta The TPM2 key protector is a module that enables the automatic retrieval of a fully-encrypted disk's unlocking key from a TPM 2.0. The theory of operation is such that the module accepts various arguments, most of which are optional and t

Re: [PATCH v21 25/33] util/grub-protect: Add new tool

On 11/4/24 2:31 AM, Gary Lin wrote: From: Hernan Gatta To utilize the key protectors framework, there must be a way to protect full-disk encryption keys in the first place. The grub-protect tool includes support for the TPM2 key protector but other protectors that require setup ahead of time

Re: [PATCH v1 0/5] Fedora Rawhide BTRFS patches

I think the entire series is bad if I understand it correctly. I ask the same question again: are some files inaccessible with current code but become accessible with these patches? Aka can I create a file that I can't read with grub-fstest in the current code? GRUB2 follows strict design that sam

Re: [PATCH v21 22/33] tss2: Add TPM2 Software Stack (TSS2) support

On 11/4/24 2:31 AM, Gary Lin via Grub-devel wrote: A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to compose and submit TPM commands and parse reponses. A limited number of TPM commands may be accessed via the EFI TCG2 protocol. This protocol exposes functionality that is

Re: [PATCH] kern/main: Fix cmdpath in root directory

On Fri, Nov 01, 2024 at 10:03:16AM +0800, Michael Chang wrote: > On Wed, Oct 30, 2024 at 05:12:48PM GMT, Daniel Kiper wrote: > > Adding Leo... > > > > On Tue, Oct 29, 2024 at 03:57:18PM +0800, Michael Chang via Grub-devel > > wrote: > > > The "cmdpath" environment variable is set at startup to the

Re: [PATCH v21 21/33] tss2: Add TPM2 types and Marshal/Unmarshal functions

On 11/4/24 2:31 AM, Gary Lin via Grub-devel wrote: This commit adds the necessary TPM2 types and structs as the preparation for the TPM2 Software Stack (TSS2) support. The Marshal/Unmarshal functions are also added to handle the data structure to be submitted to TPM2 commands and to be received

Re: [PATCH 0/3 v8] LVM Cachevol and Integrity volumes break entire LVM VG

Adding Scottie... Sorry for delay... On Sat, Nov 02, 2024 at 12:10:02AM -0400, Patrick Plenefisch wrote: > Hello, yet another friendly poke that this has been waiting around for several > months for a review, and I'd love to get this bug fixed sooner rather than > later > Patrick At least Scott

Re: [PATCH v21 21/33] tss2: Add TPM2 types and Marshal/Unmarshal functions

On Mon, Nov 04, 2024 at 01:20:45PM -0500, Stefan Berger wrote: > > > On 11/4/24 2:31 AM, Gary Lin via Grub-devel wrote: > > This commit adds the necessary TPM2 types and structs as the preparation > > for the TPM2 Software Stack (TSS2) support. The Marshal/Unmarshal > > functions are also added t

Re: [PATCH v1 14/15] grub-install: install on EFI if forced

On Sun, Nov 3, 2024 at 7:09 PM Neal Gompa wrote: > On Thu, Oct 31, 2024 at 3:43 PM Leo Sandoval wrote: > > > > From: Marta Lewandowska > > > > UEFI Secure Boot requires signed grub binaries to work, so grub- > > install should not be used. However, users who have Secure Boot > > disabled and wi