From: phcoder
Subject: Re: GRUB trusted boot framework
Date: Sun, 22 Feb 2009 18:15:07 +0100
User-agent: Thunderbird 2.0.0.19 (X11/20090105)
> Do you know if it is possible to determine where the files come from?

Well it's possible looking at filename and root drive but it's not reliable (e.g. ata0 can be hd0 but also hd1, when we'll have network support it will be even less obvious. Actually it's something grub2's architecture is trying to hide) and in this context not relevant. If signature is correct does it matter where the file comes from? At most what is necessary for these functions is being able to read the files like <original filename>.sig but it's trivial when filename is given.

> Hmm, to be precise we're interested in file reads. So if the loopback image is implemented as disk driver, it should work.

AFAIR it's a disk driver which reads from file. IMO disk read hooks will result in messy and bug-prone design which is incompatible with grub2's versatility. And only the files that end up in memory or control grub need to be checked.

> Greets, Jan
Regards Vladimir 'phcoder' Serbinenko