[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: gpg verification issue over tftp
From: |
Jordan Uggla |
Subject: |
Re: gpg verification issue over tftp |
Date: |
Tue, 11 Nov 2014 16:00:58 -0800 |
On Tue, Nov 11, 2014 at 12:06 PM, Robert Kliewer
<address@hidden> wrote:
> I'm seeing an issue in rhel 7 grub 2.02 based on grub 2.02~beta2 (none of
> the rhel patches appear to touch gpg, so it's almost certainly in the main
> line as well). If I'm using a gpg public key with check_signatures enabled,
> all file operations over tftp break grub (efi x86_64 image running on vmware
> 10). For example if I cat a signed grubenv file, the file displays in its
> entirety but it is followed with:
>
> alloc magic is broken at <addr>: <value>
> Aborted. Press any key to exit.
>
> Pressing a key takes me back to the EFI firmware. I can work around the
> issue by disabling check_signatures and manually running verify_detached on
> the file but that leaves me pulling my kernel and initrd twice, once to
> check the signature and once to load. Just wondering if I'm configured in a
> bad way that would cause this behaviour. Also, this does not appear to be
> an issue with signed files in the memdisk (probably not the hdd either, but
> I'm only booting over the network). Any help is appreciated. Thanks.
>
> Rob
>
Please file a bug report against the RHEL 7 package. Can you test grub
from git to see if you can still reproduce the problem?
--
Jordan Uggla (Jordan_U on irc.freenode.net)