Re: [PATCH 0/2] commands/efi: Fix sevral memory leaks

2025-05-22 Thread Daniel Kiper via Grub-devel
On Tue, May 20, 2025 at 05:40:17PM +, khaalid cali wrote: > "handles" that "grub_efi_locate_handles" was allocated with "grub_malloc" > wasn't being freed. The "handles" allocated by grub_efi_locate_handle() call are not always freed. Add missing grub_free() calls. > Signed-off-by: Khalid Al

Re: [PATCH v2 05/21] pgp: factor out rsa_pad

2025-05-22 Thread Daniel Kiper
On Thu, Mar 27, 2025 at 01:02:26AM +0530, Sudhakar Kuppusamy wrote: > From: Daniel Axtens > > rsa_pad does the PKCS#1 v1.5 padding for the RSA signature scheme. > We want to use it in other RSA signature verification applications. > > I considered and rejected putting it in lib/crypto.c. That file

Re: [PATCH v2 01/21] powerpc-ieee1275: Add support for signing grub with an appended signature

2025-05-22 Thread Daniel Kiper
On Thu, Mar 27, 2025 at 01:02:22AM +0530, Sudhakar Kuppusamy wrote: > From: Rashmica Gupta > > Add infrastructure to allow firmware to verify the integrity of grub > by use of a Linux-kernel-module-style appended signature. We initially > target powerpc-ieee1275, but the code should be extensible

Re: [PATCH v2 03/21] docs/grub: Document signing grub with an appended signature

2025-05-22 Thread Daniel Kiper
On Thu, Mar 27, 2025 at 01:02:24AM +0530, Sudhakar Kuppusamy wrote: > From: Daniel Axtens > > Signing grub for firmware that verifies an appended signature is a s/grub/GRUB/ The project name is GRUB. Please fix it everywhere. > bit fiddly. I don't want people to have to figure it out from scrat

Re: [PATCH v2 04/21] dl: provide a fake grub_dl_set_persistent for the emu target

2025-05-22 Thread Daniel Kiper
On Thu, Mar 27, 2025 at 01:02:25AM +0530, Sudhakar Kuppusamy wrote: > From: Daniel Axtens > > Trying to start grub-emu with a module that calls grub_dl_set_persistent > will crash because grub-emu fakes modules and passes NULL to the module > init function. > > Provide an empty function for the em

Re: [PATCH v2 02/21] docs/grub: Document signing grub under UEFI

2025-05-22 Thread Daniel Kiper
On Thu, Mar 27, 2025 at 01:02:23AM +0530, Sudhakar Kuppusamy wrote: > From: Daniel Axtens > > Before adding information about how grub is signed with an appended > signature scheme, it's worth adding some information about how it > can currently be signed for UEFI. > > Signed-off-by: Daniel Axtens

Re: [PATCH v2 06/21] crypto: move storage for grub_crypto_pk_* to crypto.c

2025-05-22 Thread Daniel Kiper
On Thu, Mar 27, 2025 at 01:02:27AM +0530, Sudhakar Kuppusamy wrote: > From: Daniel Axtens > > The way gcry_rsa and friends (the asymmetric ciphers) are loaded for the > pgp module is a bit quirky. > > include/grub/crypto.h contains: > extern struct gcry_pk_spec *grub_crypto_pk_rsa; > > commands/

Re: [PATCH v3 0/5] fs: Test failure fixes and fuzzer fixes

2025-05-22 Thread Daniel Kiper via Grub-devel
On Wed, May 21, 2025 at 10:20:36PM -0500, Andrew Hamilton wrote: > Correct some NTFS test failures introduced by previous fixes for CVEs. > With these changes, the NTFS tests run successfully. > > Also correct some fuzzer identified crashes and hangs (in NTFS and one > that may in theory impact HFS