help-grub
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: gpg verification issue over tftp


From: Andrei Borzenkov
Subject: Re: gpg verification issue over tftp
Date: Sat, 15 Nov 2014 19:40:39 +0300

В Tue, 11 Nov 2014 14:06:14 -0600
Robert Kliewer <address@hidden> пишет:

> I'm seeing an issue in rhel 7 grub 2.02 based on grub 2.02~beta2 (none of
> the rhel patches appear to touch gpg, so it's almost certainly in the main
> line as well).  If I'm using a gpg public key with check_signatures
> enabled, all file operations over tftp break grub (efi x86_64 image running
> on vmware 10).  For example if I cat a signed grubenv file, the file
> displays in its entirety but it is followed with:
> 
> alloc magic is broken at <addr>: <value>
> Aborted.  Press any key to exit.
> 

This sounds like memory corruption. It does not need to have anything
to do with gpg, could as well be a tftp/network problem. Useful tests
were

- test same operation from local disk (to exclude network)
- test current upstream master whether problem still exists there

> Pressing a key takes me back to the EFI firmware.  I can work around the
> issue by disabling check_signatures and manually running verify_detached on
> the file but that leaves me pulling my kernel and initrd twice, once to
> check the signature and once to load.  Just wondering if I'm configured in
> a bad way that would cause this behaviour.  Also, this does not appear to
> be an issue with signed files in the memdisk (probably not the hdd either,
> but I'm only booting over the network).  Any help is appreciated.  Thanks.
> 
> Rob




reply via email to

[Prev in Thread] Current Thread [Next in Thread]