From: phcoder
Date: Sun, 22 Feb 2009 18:15:07 +0100
To: The development of GRUB 2
Subject: Re: GRUB trusted boot framework
Message-ID: <49A1881B.7050903@gmail.com>
In-Reply-To: <49A181D1.7080707@student.ethz.ch>

> Do you know if it is possible to determine where the files come from?

Well, it's possible by looking at the filename and root drive, but it's not reliable (e.g. ata0 can be hd0 but also hd1; when we have network support it will be even less obvious. Actually it's something grub2's architecture is trying to hide) and in this context not relevant. If the signature is correct, does it matter where the file comes from? At most, what is necessary for these functions is being able to read files like .sig, but that's trivial when the filename is given.

> Hmm, to be precise we're interested in file reads. So if the loopback image is
> implemented as disk driver, it should work.

AFAIR it's a disk driver which reads from a file. IMO disk read hooks will result in a messy and bug-prone design which is incompatible with grub2's versatility. And only the files that end up in memory or control grub need to be checked.
>
> Greets,
>
> Jan

Regards
Vladimir 'phcoder' Serbinenko