help-grub
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

gpg verification issue over tftp


From: Robert Kliewer
Subject: gpg verification issue over tftp
Date: Tue, 11 Nov 2014 14:06:14 -0600

I'm seeing an issue in rhel 7 grub 2.02 based on grub 2.02~beta2 (none of the rhel patches appear to touch gpg, so it's almost certainly in the main line as well).  If I'm using a gpg public key with check_signatures enabled, all file operations over tftp break grub (efi x86_64 image running on vmware 10).  For example if I cat a signed grubenv file, the file displays in its entirety but it is followed with:

alloc magic is broken at <addr>: <value>
Aborted.  Press any key to exit.

Pressing a key takes me back to the EFI firmware.  I can work around the issue by disabling check_signatures and manually running verify_detached on the file but that leaves me pulling my kernel and initrd twice, once to check the signature and once to load.  Just wondering if I'm configured in a bad way that would cause this behaviour.  Also, this does not appear to be an issue with signed files in the memdisk (probably not the hdd either, but I'm only booting over the network).  Any help is appreciated.  Thanks.

Rob

reply via email to

[Prev in Thread] Current Thread [Next in Thread]