grub-devel.gnu.org archive mirror
 help / color / mirror / Atom feed
From: "Vladimir 'φ-coder/phcoder' Serbinenko" <phcoder@gmail.com>
To: Daniel Kiper <daniel.kiper@oracle.com>
Cc: The development of GNU GRUB <grub-devel@gnu.org>,
	"keir@xen.org" <keir@xen.org>,
	Ian Campbell <ian.campbell@citrix.com>,
	Matthew Garrett <mjg59@srcf.ucam.org>,
	"stefano.stabellini@eu.citrix.com"
	<stefano.stabellini@eu.citrix.com>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"xen-devel@lists.xen.org" <xen-devel@lists.xen.org>,
	Jan Beulich <JBeulich@suse.com>,
	"ross.philipson@citrix.com" <ross.philipson@citrix.com>,
	"Maliszewski, Richard L" <richard.l.maliszewski@intel.com>,
	"boris.ostrovsky@oracle.com" <boris.ostrovsky@oracle.com>,
	"Woodhouse, David" <david.woodhouse@intel.com>
Subject: Re: EFI and multiboot2 devlopment work for Xen
Date: Tue, 22 Oct 2013 19:09:23 +0200	[thread overview]
Message-ID: <5266B143.9080708@gmail.com> (raw)
In-Reply-To: <20131022165140.GL3626@debian70-amd64.local.net-space.pl>

[-- Attachment #1: Type: text/plain, Size: 870 bytes --]

On 22.10.2013 18:51, Daniel Kiper wrote:
> On Tue, Oct 22, 2013 at 04:36:04PM +0000, Maliszewski, Richard L wrote:
>> I may be off-base, but when I was wading through the grub2 code earlier
>> this year, it looked to me like it was going to refuse to launch anything
>> via MB1 or MB2 if the current state was a secure boot launch.
> 
> Are you talking about upstream GRUB2 or GRUB2 with tons of distros
> patches including linuxefi one. If later one it could be the case.
> 
> Daniel
> 
secureboot patch in its current state has only one goal: make microsoft
sign existing image and load linux. If we integrate it with GRUB
signatures check (as far as GNU policy permits but rest would be tiny)
then it will be a matter of choosing which way xen is going to be
signed. I'd recommend GnuPG detached signature (xen and xen.sig) but
don't insist on it.


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 291 bytes --]

  reply	other threads:[~2013-10-22 17:09 UTC|newest]

Thread overview: 79+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-10-21 12:57 EFI and multiboot2 devlopment work for Xen Daniel Kiper
2013-10-21 13:36 ` Jan Beulich
2013-10-21 14:23   ` Konrad Rzeszutek Wilk
2013-10-21 14:37     ` Jan Beulich
2013-10-21 18:46       ` Daniel Kiper
2013-10-22  7:16         ` Jan Beulich
2013-10-21 18:39   ` Daniel Kiper
2013-10-22  7:15     ` Jan Beulich
2013-10-21 13:54 ` Peter Jones
2013-10-21 18:57   ` Daniel Kiper
2013-10-22  9:26     ` Ian Campbell
2013-10-22  9:31       ` Jan Beulich
2013-10-22  9:45         ` Ian Campbell
2013-10-22  9:59           ` Jan Beulich
2013-10-22 13:42             ` Konrad Rzeszutek Wilk
2013-10-22 13:53               ` Ian Campbell
2013-10-22 14:09                 ` Konrad Rzeszutek Wilk
2013-10-22 14:24                   ` Ian Campbell
2013-10-22 14:51                     ` Konrad Rzeszutek Wilk
2013-10-22 14:59                       ` Jan Beulich
2013-10-22 15:35                       ` Peter Jones
2013-10-22 15:39                       ` Vladimir 'φ-coder/phcoder' Serbinenko
2013-10-22 16:31                         ` Konrad Rzeszutek Wilk
2013-10-22 15:22                     ` [Xen-devel] " Ian Campbell
2013-10-22 16:26                       ` Konrad Rzeszutek Wilk
2013-10-23  8:32                         ` Ian Campbell
2013-10-23 13:13                           ` Konrad Rzeszutek Wilk
2013-10-23 14:07                             ` Vladimir 'φ-coder/phcoder' Serbinenko
2013-10-23 17:13                               ` Andrey Borzenkov
2013-10-23 16:17                             ` Jan Beulich
2013-10-23 16:14                           ` Jan Beulich
2013-10-23 17:01                             ` Vladimir 'φ-coder/phcoder' Serbinenko
2013-10-24  6:53                               ` Jan Beulich
2013-10-22 14:10                 ` Jan Beulich
2013-10-22 14:18                 ` Woodhouse, David
2013-10-22 14:57                   ` Konrad Rzeszutek Wilk
2013-10-22 15:21                     ` Ian Campbell
2013-10-22 16:24                       ` Konrad Rzeszutek Wilk
2013-10-22 16:27                         ` Ian Campbell
2013-10-22 15:23                   ` Ian Campbell
2013-10-22 14:43               ` Konrad Rzeszutek Wilk
2013-10-22 15:25                 ` Woodhouse, David
2013-10-22 15:32                   ` Matthew Garrett
2013-10-22 15:42                     ` Woodhouse, David
2013-10-22 16:01                       ` Daniel Kiper
2013-10-22 16:08                         ` Ian Campbell
2013-10-22 16:14                           ` Daniel Kiper
2013-10-22 16:25                             ` Vladimir 'φ-coder/phcoder' Serbinenko
2013-10-22 16:31                               ` Ian Campbell
2013-10-22 16:38                             ` Konrad Rzeszutek Wilk
2013-10-22 16:24                         ` Vladimir 'φ-coder/phcoder' Serbinenko
     [not found]                           ` <CE8BF72A.243C%richard.l.maliszewski@intel.com>
2013-10-22 16:51                             ` Daniel Kiper
2013-10-22 17:09                               ` Vladimir 'φ-coder/phcoder' Serbinenko [this message]
2013-10-22 17:21                               ` Maliszewski, Richard L
2013-10-23  7:53                                 ` Daniel Kiper
2013-10-22 16:35                   ` Konrad Rzeszutek Wilk
2013-10-23  6:49                     ` Michael Chang
2013-10-23  6:51                       ` Michael Chang
2013-10-23  6:56               ` Daniel Kiper
2013-10-21 20:53 ` Seth Goldberg
2013-10-21 21:27   ` Vladimir 'φ-coder/phcoder' Serbinenko
2013-10-21 21:27     ` Seth Goldberg
2013-10-21 21:16 ` Vladimir 'φ-coder/phcoder' Serbinenko
2013-10-22  8:54   ` Vladimir 'φ-coder/phcoder' Serbinenko
2013-10-23  7:05     ` Daniel Kiper
2013-10-23  8:28       ` Seth Goldberg
2013-10-23 10:43       ` Vladimir 'φ-coder/phcoder' Serbinenko
2013-10-28 16:26     ` Konrad Rzeszutek Wilk
2013-10-28 18:01       ` Vladimir 'φ-coder/phcoder' Serbinenko
2013-10-29  8:28         ` Jan Beulich
2013-10-30 11:19           ` Is: Wrap-up Was: " Daniel Kiper
2013-10-30 11:38             ` Vladimir 'φ-coder/phcoder' Serbinenko
2013-11-04 20:41             ` Stefano Stabellini
2013-11-05 19:15               ` Leif Lindholm
2013-10-28 18:42       ` Seth Goldberg
2013-10-22 17:12   ` Andrey Borzenkov
2013-10-22 17:20     ` Vladimir 'φ-coder/phcoder' Serbinenko
2013-10-23  7:43   ` Daniel Kiper
2013-10-23  8:44     ` Vladimir 'φ-coder/phcoder' Serbinenko

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5266B143.9080708@gmail.com \
    --to=phcoder@gmail.com \
    --cc=JBeulich@suse.com \
    --cc=boris.ostrovsky@oracle.com \
    --cc=daniel.kiper@oracle.com \
    --cc=david.woodhouse@intel.com \
    --cc=grub-devel@gnu.org \
    --cc=ian.campbell@citrix.com \
    --cc=keir@xen.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mjg59@srcf.ucam.org \
    --cc=richard.l.maliszewski@intel.com \
    --cc=ross.philipson@citrix.com \
    --cc=stefano.stabellini@eu.citrix.com \
    --cc=xen-devel@lists.xen.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).