[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v2 0/5] Enable savedefault, etc with check_signatures=enforce
From: |
Jon McCune |
Subject: |
[PATCH v2 0/5] Enable savedefault, etc with check_signatures=enforce |
Date: |
Fri, 6 Sep 2013 09:18:48 -0700 |
These patches add support to load_env and save_env to work nicely
in concert with check_signatures=enforce. This represents an
evolution from the design in my email to grub-devel entitled
"Proposal to enable savedefault, one-shot reboot, etc with
check_signatures=enforce". Some additional work is done to make
this support usable: A {-k, --pubkey} option is added to
grub-install, and significant documentation is included. See the
individual patch descriptions for more specifics.
Jon McCune (5):
style: indent --no-tabs --gnu-style grub-core/commands/loadenv.c
load_env support for whitelisting which variables are read
save_env should work, even if check_signatures=enforce
Add -k, --pubkey=FILE support to grub-install command
Additional security-relevant documentation
docs/grub.texi | 180 ++++++++++++++++++++++++++++++++++++++++++-
grub-core/commands/loadenv.c | 171 ++++++++++++++++++++++++++++------------
util/grub-install.in | 13 +++-
util/grub-install_header | 6 ++
4 files changed, 316 insertions(+), 54 deletions(-)
--
1.8.4
- [PATCH v2 0/5] Enable savedefault, etc with check_signatures=enforce,
Jon McCune <=
- [PATCH v2 1/5] style: indent --no-tabs --gnu-style grub-core/commands/loadenv.c, Jon McCune, 2013/09/06
- [PATCH v2 2/5] load_env support for whitelisting which variables are read from an env file, even if check_signatures=enforce, Jon McCune, 2013/09/06
- Re: [PATCH v2 2/5] load_env support for whitelisting which variables are read from an env file, even if check_signatures=enforce, Andrey Borzenkov, 2013/09/06
- Re: [PATCH v2 2/5] load_env support for whitelisting which variables are read from an env file, even if check_signatures=enforce, Jonathan McCune, 2013/09/06
- Re: [PATCH v2 2/5] load_env support for whitelisting which variables are read from an env file, even if check_signatures=enforce, Andrey Borzenkov, 2013/09/07
- Re: [PATCH v2 2/5] load_env support for whitelisting which variables are read from an env file, even if check_signatures=enforce, Jonathan McCune, 2013/09/09
- Re: [PATCH v2 2/5] load_env support for whitelisting which variables are read from an env file, even if check_signatures=enforce, Andrey Borzenkov, 2013/09/19
- Re: [PATCH v2 2/5] load_env support for whitelisting which variables are read from an env file, even if check_signatures=enforce, Jonathan McCune, 2013/09/19
- Re: [PATCH v2 2/5] load_env support for whitelisting which variables are read from an env file, even if check_signatures=enforce, Vladimir 'φ-coder/phcoder' Serbinenko, 2013/09/19
- Re: [PATCH v2 2/5] load_env support for whitelisting which variables are read from an env file, even if check_signatures=enforce, Andrey Borzenkov, 2013/09/19