From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.71) id 1VqBbs-0001jB-My for mharc-grub-devel@gnu.org; Mon, 09 Dec 2013 19:55:36 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:39781) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VqBbl-0001iu-9y for grub-devel@gnu.org; Mon, 09 Dec 2013 19:55:34 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1VqBbf-00051z-Si for grub-devel@gnu.org; Mon, 09 Dec 2013 19:55:29 -0500 Received: from mail-ea0-x22f.google.com ([2a00:1450:4013:c01::22f]:51349) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VqBbf-00051u-IB for grub-devel@gnu.org; Mon, 09 Dec 2013 19:55:23 -0500 Received: by mail-ea0-f175.google.com with SMTP id z10so1911576ead.34 for ; Mon, 09 Dec 2013 16:55:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type; bh=Gt+s8T4h5AdHJZ4h8vEunbsCGiMFwNXtFUkDHeqQzl4=; b=j24e+d1Ogi7hYAlF1O3BVbf4WR5PyTax2u+yOGJRpK/fL1HL/adp+fYDXrTpKkUEY7 iTmWUyJXCZdSt7kyR482cGj68mgGcr/nWFQp6E5BD4kSP0E0t7QAJdtCZF7IFm16jKT2 KC/ZARlCFi/WexdPmaxD8T09hZScLS+aylk9srsBSd7OuHAdL7m9yAZ7ZJOCNA/xjdId fn/daUVmHFmNwOCMVugmR+vYvdvBdtbiFpGGIQ4pGbH0DfcjxnpU0v4mLNjqKzFpQP1n hYbC2mt6DXraqBTPoBAufu5s08yvPLyMMmSRf1drF1SutoW/wYtWa7MPeRbRI7rSAjyL 0bIg== X-Received: by 10.15.82.136 with SMTP id a8mr8728885eez.81.1386636922525; Mon, 09 Dec 2013 16:55:22 -0800 (PST) Received: from [192.168.1.16] (85-188.196-178.cust.bluewin.ch. [178.196.188.85]) by mx.google.com with ESMTPSA id 4sm5020349eed.14.2013.12.09.16.55.21 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 09 Dec 2013 16:55:21 -0800 (PST) Message-ID: <52A66678.4040900@gmail.com> Date: Tue, 10 Dec 2013 01:55:20 +0100 From: =?UTF-8?B?VmxhZGltaXIgJ8+GLWNvZGVyL3BoY29kZXInIFNlcmJpbmVua28=?= User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20131103 Icedove/17.0.10 MIME-Version: 1.0 To: The development of GNU GRUB Subject: Re: grub mishandles corrupt/missing primary GPT References: <9DB3EF6D-6E26-4A9F-BB2D-07CCEF378D7A@colorremedies.com> <52687CC7.4010605@gmail.com> <52A5E1A1.3000103@ubuntu.com> <52A5E7A2.6060104@gmail.com> <50736662-98F2-4F6B-AC7F-E93885391F26@colorremedies.com> In-Reply-To: <50736662-98F2-4F6B-AC7F-E93885391F26@colorremedies.com> X-Enigmail-Version: 1.6 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="EEnfgx4GGTMnb3aPgMSBoTbonmFtXQdtW" X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2a00:1450:4013:c01::22f X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: The development of GNU GRUB List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Dec 2013 00:55:34 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --EEnfgx4GGTMnb3aPgMSBoTbonmFtXQdtW Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 10.12.2013 01:11, Chris Murphy wrote: >=20 > On Dec 9, 2013, at 8:54 AM, Vladimir '=CF=86-coder/phcoder' Serbinenko = wrote: >=20 >> On 09.12.2013 16:28, Phillip Susi wrote: >>> On 10/23/2013 9:49 PM, Vladimir '=CF=86-coder/phcoder' Serbinenko wro= te: >>>> partmap module is size-critical and CRC32 verification is pretty >>>> big. There are 3 problems with backup header: >>> >>> The grub core no longer fits in 63 sectors in all but the most trivia= l >>> configurations as it is, >> Not true. I've checked: all configs not involving compressed fs or >> diskfilter fit in 31K. >>> and a 2048 sector embed area has been >>> standard now for several years, so I don't think size is a problem. >>> >> We're speaking abut GPT, nothing to do with MBR embed area. >> >> My problem with that is that it increases complexity a lot in currentl= y >> simple code. >> And also I had experience with backup header out of place due to disk >> reconfiguration and primary header corrupted but still well enough to >> have valid partitions. I could boot this system by using "gpt" linux >> option. With proposed changes this system would become unbootable. >=20 > Technically if the alternate is invalid by being in the wrong location = (either end of disk or where the primary header says it should be located= ), and the header is also invalid because the header is corrupt, then the= disk has an invalid GPT. So long as GRUB knows a valid MBR without an 0x= EE entry means any found GPT is stale (or rather, simply doesn't go looki= ng for the GPT), it seems possibly reasonable for GRUB to blindly use the= primary partition table. If it fails, it fails, even if it's unfortunate= there's no fallback to a valid alternate GPT. It's already the case. Probably the real remaining points are: - Should we use backup headers under some conditions? - Should msdos partitions be visible? Always? When it's not a PMBR? Or when GPT is corrupt? >=20 > Maybe someone could argue it's a security problem for an invalid GPT be= ing used despite being invalid? >=20 CRC32 isn't a MAC. Anyone who can modify GPT can fix CRC32 as well. > Also, I have some evidence that newer Apple EFI firmware are repairing = these cases. I have one older computer that I can consistently corrupt, a= nd it remains corrupted through boot, even to the degree the (linux) kern= el face plants by default if the primary header or table is corrupt, unle= ss the gpt kernel parameter is used. Yet a newer computer boots without t= he kernel complaining, and upon startup completion the GPT is fixed. Iden= tically performed installations were performed in those cases. >=20 > So maybe it can be argued the firmware has a role to play in fixing up = GPT? Or maybe this is a hideously bad idea for firmware, which as we know= is slightly less than massively bug ridden, to have such write privilege= s to the disk. >=20 Firmware writing to disk without being explicitly asked for it is a bugware or spyware. >=20 > Chris Murphy > _______________________________________________ > Grub-devel mailing list > Grub-devel@gnu.org > https://lists.gnu.org/mailman/listinfo/grub-devel >=20 --EEnfgx4GGTMnb3aPgMSBoTbonmFtXQdtW Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Using GnuPG with Icedove - http://www.enigmail.net/ iF4EAREKAAYFAlKmZngACgkQmBXlbbo5nOvNrwD/beOxrGX0W/jSvCjwqtKu7Stp 6PsaqMDjnO2lLMFZE0sBAKuIuh25zMzkTFm5FKJp5GVGnI8uFr0wIxjabqBczggR =DM+r -----END PGP SIGNATURE----- --EEnfgx4GGTMnb3aPgMSBoTbonmFtXQdtW--