From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.71)
	id 1VYfSj-0008KX-30
	for mharc-grub-devel@gnu.org; Tue, 22 Oct 2013 13:09:45 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:50013)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <phcoder@gmail.com>) id 1VYfSY-0008Jw-Uo
	for grub-devel@gnu.org; Tue, 22 Oct 2013 13:09:43 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <phcoder@gmail.com>) id 1VYfSQ-0003w2-Hc
	for grub-devel@gnu.org; Tue, 22 Oct 2013 13:09:34 -0400
Received: from mail-ea0-x235.google.com ([2a00:1450:4013:c01::235]:43061)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <phcoder@gmail.com>) id 1VYfSQ-0003uq-9j
	for grub-devel@gnu.org; Tue, 22 Oct 2013 13:09:26 -0400
Received: by mail-ea0-f181.google.com with SMTP id d10so4434107eaj.12
	for <grub-devel@gnu.org>; Tue, 22 Oct 2013 10:09:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=message-id:date:from:user-agent:mime-version:to:cc:subject
	:references:in-reply-to:content-type;
	bh=D4d+eb5djwRbaZBsqCQ7MTTgoP5qcWpPUfQppCR57m0=;
	b=h0DU4RaQuHxjei+llJCydqbkawMcQCVoL97WW+E1wQsxF5fFB+qsAgOYl2kwMOoRXV
	VglyMcDKAuaqzJAQNHj7WBuhXl9q44HCUuSul4GZBjnO3o+PE37/OIeNf7gRYefSabeJ
	xNdU5Hkwx/mHR9cZFT/vmuNxRNQJ/ygItf6dCVTpsEB4zzUmChpaLj03AGb+1uo3ge+A
	OxIJ+i+VtvcAnxOZNwYBW3wg9iSYHr7b1OCHdXIWFZfQ0oxRNydQA7ePWGLHdBzRhmHy
	7S+WltTyUcpN+PdnMFDsvrROx+xcwxKzyJV8yTgSpiufdZBVgLzLRmA198d4lUOiF2i/
	OBWg==
X-Received: by 10.15.101.130 with SMTP id bp2mr1208573eeb.86.1382461765569;
	Tue, 22 Oct 2013 10:09:25 -0700 (PDT)
Received: from [192.168.1.16] (31-249.1-85.cust.bluewin.ch. [85.1.249.31])
	by mx.google.com with ESMTPSA id w6sm48532936eeo.12.2013.10.22.10.09.24
	for <multiple recipients>
	(version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
	Tue, 22 Oct 2013 10:09:25 -0700 (PDT)
Message-ID: <5266B143.9080708@gmail.com>
Date: Tue, 22 Oct 2013 19:09:23 +0200
From: =?UTF-8?B?VmxhZGltaXIgJ8+GLWNvZGVyL3BoY29kZXInIFNlcmJpbmVua28=?=
	<phcoder@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
	rv:17.0) Gecko/20131005 Icedove/17.0.9
MIME-Version: 1.0
To: Daniel Kiper <daniel.kiper@oracle.com>
Subject: Re: EFI and multiboot2 devlopment work for Xen
References: <5266A6AD.90004@gmail.com>
	<CE8BF72A.243C%richard.l.maliszewski@intel.com>
	<20131022165140.GL3626@debian70-amd64.local.net-space.pl>
In-Reply-To: <20131022165140.GL3626@debian70-amd64.local.net-space.pl>
X-Enigmail-Version: 1.5.1
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature";
	boundary="----enig2JEDDDMNQFGVOQCWCINWC"
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
	(bad octet value).
X-Received-From: 2a00:1450:4013:c01::235
Cc: The development of GNU GRUB <grub-devel@gnu.org>,
	"keir@xen.org" <keir@xen.org>, Ian Campbell <ian.campbell@citrix.com>,
	Matthew Garrett <mjg59@srcf.ucam.org>,
	"stefano.stabellini@eu.citrix.com" <stefano.stabellini@eu.citrix.com>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"xen-devel@lists.xen.org" <xen-devel@lists.xen.org>,
	Jan Beulich <JBeulich@suse.com>,
	"ross.philipson@citrix.com" <ross.philipson@citrix.com>,
	"Maliszewski, Richard L" <richard.l.maliszewski@intel.com>,
	"boris.ostrovsky@oracle.com" <boris.ostrovsky@oracle.com>,
	"Woodhouse, David" <david.woodhouse@intel.com>
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
Reply-To: The development of GNU GRUB <grub-devel@gnu.org>
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Oct 2013 17:09:43 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
------enig2JEDDDMNQFGVOQCWCINWC
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On 22.10.2013 18:51, Daniel Kiper wrote:
> On Tue, Oct 22, 2013 at 04:36:04PM +0000, Maliszewski, Richard L wrote:=

>> I may be off-base, but when I was wading through the grub2 code earlie=
r
>> this year, it looked to me like it was going to refuse to launch anyth=
ing
>> via MB1 or MB2 if the current state was a secure boot launch.
>=20
> Are you talking about upstream GRUB2 or GRUB2 with tons of distros
> patches including linuxefi one. If later one it could be the case.
>=20
> Daniel
>=20
secureboot patch in its current state has only one goal: make microsoft
sign existing image and load linux. If we integrate it with GRUB
signatures check (as far as GNU policy permits but rest would be tiny)
then it will be a matter of choosing which way xen is going to be
signed. I'd recommend GnuPG detached signature (xen and xen.sig) but
don't insist on it.


------enig2JEDDDMNQFGVOQCWCINWC
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iF4EAREKAAYFAlJmsUMACgkQNak7dOguQgk3ZQEAscA3BzU6BXsVciRL3IsopGJc
bTG4ZtezVT8u6cbw8eMBAMJ+zRIqa9Wa1dBBpfdgUgVExl8y3iaEcZ1Kz//ZwOVJ
=ywBL
-----END PGP SIGNATURE-----

------enig2JEDDDMNQFGVOQCWCINWC--