lib-crypto-The-echo_password-environment-variable-de.patch

2025-05-28 Thread 刘阳
Dear GRUB2 Maintainers,   Thank you very much to Jiří "bindiff" Wolker for the excellent suggestion. Based on his feedback, I have implemented support for a new boolean environment variable called echo_password, which allows users to control whether characters are echoed (as *) when entering passw

Re: [PATCH v2] ieee1275: support added for multiple nvme bootpaths

2025-05-28 Thread Avnish Chouhan
Hi Daniel, Thank you so much for a review! On 2025-05-27 01:00, Daniel Kiper wrote: On Mon, May 19, 2025 at 04:34:34PM +0530, Avnish Chouhan wrote: This patch sets mupltiple NVMe boot-devices for more robust boot. Scenario where NVMe multipaths are available, all the available bootpaths (Max

Re: [PATCH v2] ieee1275: support added for multiple nvme bootpaths

2025-05-28 Thread Daniel Kiper
On Wed, May 28, 2025 at 04:50:00PM +0530, Avnish Chouhan wrote: > Hi Daniel, > > Thank you so much for a review! > > On 2025-05-27 01:00, Daniel Kiper wrote: > > On Mon, May 19, 2025 at 04:34:34PM +0530, Avnish Chouhan wrote: [...] > > > diff --git a/grub-core/osdep/linux/ofpath.c > > > b/grub-co

Re: Load single binary under grub

2025-05-28 Thread Daniel Kiper
On Wed, May 28, 2025 at 09:16:21AM +0530, Sumeet R.P. wrote: > Hi, > > Can we pass and load the single binary under grub with UEFI support?  > This single binary contains the vmlinuz and initrd images.  Are you asking about UKI support? This is WIP... Or you can use chainloader for time being. Da

Re: [PATCH v3 0/2] Support dates outside of 1901..2038 range

2025-05-28 Thread Daniel Kiper
On Fri, May 23, 2025 at 07:23:32AM -0500, Andrew Hamilton wrote: > Hello, > > I was wondering if this was still on the radar. Yes, it is but it is not the highest priority... Daniel ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/m

Re: [PATCH v2 08/21] appended signatures: import GNUTLS's ASN.1 description files

2025-05-28 Thread Daniel Kiper
On Thu, Mar 27, 2025 at 01:02:29AM +0530, Sudhakar Kuppusamy wrote: > From: Daniel Axtens > > In order to parse PKCS#7 messages and X.509 certificates with libtasn1, > we need some information about how they are encoded. > > We get these from GNUTLS, which has the benefit that they support the > f

Re: [PATCH 1/1] Add Xen command line parsing

2025-05-28 Thread Aaron Rainbolt
On Wed, 28 May 2025 17:12:19 +0200 Daniel Kiper wrote: > First of all, next time please add Xen-devel ML to recipients too... Apologies, didn't realize that list would be appropriate. I will add them in the next version of the patch. > On Wed, Apr 23, 2025 at 09:47:48PM -0500, Aaron Rainbolt wr

Re: [PATCH 0/1] Add Xen command line parsing

2025-05-28 Thread Aaron Rainbolt
On Wed, 28 May 2025 18:19:20 +0300 "Vladimir 'phcoder' Serbinenko" wrote: > I'm unsure about exporting all random parameters to env namespace. > PHP went down this road and result was bunch of bad vulnerabilities. > Maybe instead of blindly exporting it have some kind of export or > query command

Re: [PATCH v2] ieee1275: support added for multiple nvme bootpaths

2025-05-28 Thread Avnish Chouhan
Hi Daniel, I believe we need this change. We are using this function "of_path_get_nvme_nsid" in the patch which is defined in other file, and this "of_path_get_nvme_nsid" calls the function "block_device_get_sysfs_path_and_link". If we don't define this in the header file, we get this error b

Re: [PATCH v2 09/21] appended signatures: parse PKCS#7 signedData and X.509 certificates

2025-05-28 Thread Daniel Kiper
On Thu, Mar 27, 2025 at 01:02:30AM +0530, Sudhakar Kuppusamy wrote: > From: Daniel Axtens > > This code allows us to parse: > > - PKCS#7 signedData messages. Only a single signerInfo is supported, >which is all that the Linux sign-file utility supports creating >out-of-the-box. Only RSA,

Re: [PATCH 1/1] Add Xen command line parsing

2025-05-28 Thread Daniel Kiper
First of all, next time please add Xen-devel ML to recipients too... On Wed, Apr 23, 2025 at 09:47:48PM -0500, Aaron Rainbolt wrote: > Enable GRUB to parse the Xen command line for parameters, and expose > certain of those parameters to the GRUB config file (or rescue shell) > as environment varia

Re: [PATCH 0/1] Add Xen command line parsing

2025-05-28 Thread Vladimir 'phcoder' Serbinenko
I'm unsure about exporting all random parameters to env namespace. PHP went down this road and result was bunch of bad vulnerabilities. Maybe instead of blindly exporting it have some kind of export or query command? Or at least add some prefix to exported vars to identify them as such? Regards Vl

Re: [PATCH v2 07/21] grub-install: support embedding x509 certificates

2025-05-28 Thread Daniel Kiper
On Thu, Mar 27, 2025 at 01:02:28AM +0530, Sudhakar Kuppusamy wrote: > From: Alastair D'Silva > > To support verification of appended signatures, we need a way to > embed the necessary public keys. Existing appended signature schemes > in the Linux kernel use X.509 certificates, so allow certificat

Re: [PATCH v2 10/21] appended signatures: support verifying appended signatures

2025-05-28 Thread Daniel Kiper
On Thu, Mar 27, 2025 at 01:02:31AM +0530, Sudhakar Kuppusamy wrote: > From: Daniel Axtens > > Building on the parsers and the ability to embed x509 certificates, as > well as the existing gcrypt functionality, add a module for verifying > appended signatures. > > This includes a verifier that requ

Re: [PATCH v2 11/21] appended signatures: verification tests

2025-05-28 Thread Daniel Kiper
On Thu, Mar 27, 2025 at 01:02:32AM +0530, Sudhakar Kuppusamy wrote: [...] > diff --git a/grub-core/tests/appended_signatures.h > b/grub-core/tests/appended_signatures.h > new file mode 100644 > index 0..c6aa12d86 > --- /dev/null > +++ b/grub-core/tests/appended_signatures.h > @@ -0,0 +1,