tablet/grub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,292 Commits 1 Branch 0 Tags 49 MiB
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Sudhakar Kuppusamy 76158ed1ad powerpc/ieee1275: Read the db and dbx secure boot variables 
Enhancing the infrastructure to enable the Platform Keystore (PKS) feature,
which provides access to the SB_VERSION, db, and dbx secure boot variables
from PKS.

If PKS is enabled, it will read secure boot variables such as db and dbx
from PKS and extract EFI Signature List (ESL) from it. The ESLs would be
saved in the Platform Keystore buffer, and the appendedsig module would
read it later to extract the certificate's details from ESL.

In the following scenarios, static key management mode will be activated:
 1. When Secure Boot is enabled with static key management mode
 2. When SB_VERSION is unavailable but Secure Boot is enabled
 3. When PKS support is unavailable but Secure Boot is enabled

Note:

 SB_VERSION: Key Management Mode
 1 - Enable dynamic key management mode. Read the db and dbx variables from PKS,
     and use them for signature verification.
 0 - Enable static key management mode. Read keys from the GRUB ELF Note and
     use it for signature verification.

Signed-off-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2025-10-11 15:36:46 +02:00
asm-tests
asm-tests/i386-pc: Check that movl is 5 bytes.
2016-09-28 20:31:04 +03:00
conf
tests: Add test ISO files to dist package
2025-09-10 01:12:17 +02:00
docs
powerpc/ieee1275: Enter lockdown based on /ibm, secure-boot
2025-10-11 15:36:37 +02:00
grub-core
powerpc/ieee1275: Read the db and dbx secure boot variables
2025-10-11 15:36:46 +02:00
include
powerpc/ieee1275: Read the db and dbx secure boot variables
2025-10-11 15:36:46 +02:00
po
po: Update translations to build with gettext 0.26
2025-09-04 14:37:21 +02:00
tests
tests: Test dates outside of 32-bit Unix range
2025-09-10 01:12:17 +02:00
themes/starfield
Starfield theme.
2012-02-23 17:21:38 +01:00
unicode
* unicode: Import Unicode 6.0 data.
2011-12-25 16:17:25 +01:00
util
grub-install: Support embedding x509 certificates
2025-10-11 15:36:34 +02:00
.gitattributes
gitattributes: Mark po/exclude.pot as binary so git won't try to diff nonprintables
2019-09-23 13:17:15 +02:00
.gitignore
gitignore: Ignore generated files from libtasn
2025-03-05 12:05:38 +01:00
.travis.yml
travis: Run bootstrap to fix build
2020-09-18 22:31:30 +02:00
acinclude.m4
configure: Replace -Wl,-r,-d with -Wl,-r and add -fno-common
2022-03-07 15:05:22 +01:00
AUTHORS
2005-09-03 Yoshinori K. Okuji <okuji@enbug.org>
2005-09-03 16:54:27 +00:00
autogen.sh
libgcrypt: Adjust import script, definitions and API users for libgcrypt 1.11
2025-07-11 23:12:50 +02:00
bootstrap
bootstrap: Ensure shallow gnulib clone works on newer git
2025-09-04 14:37:21 +02:00
bootstrap.conf
blsuki: Add blscfg command to parse Boot Loader Specification snippets
2025-09-04 14:37:20 +02:00
BUGS
BUGS: Update to point to bug tracking system
2025-09-04 14:37:21 +02:00
config.h.in
efi: Generate stack protector canary at build time if urandom is available
2023-12-20 14:31:50 +01:00
configure.ac
configure: Generate tar-ustar tarball instead of tar-v7
2025-08-14 21:21:42 +02:00
COPYING
2007-07-22 Yoshinori K. Okuji <okuji@enbug.org>
2007-07-21 23:32:33 +00:00
coreboot.cfg
* coreboot.cfg: Add missing file.
2013-11-20 00:52:23 +01:00
geninit.sh
automake commit without merge history
2010-05-06 11:34:04 +05:30
gentpl.py
gentpl: Put boot/mips/startup_raw.S into beginning of the image
2024-09-05 17:25:27 +02:00
INSTALL
INSTALL: Document libtasn1 needed for grub-protect
2025-09-04 14:37:21 +02:00
linguas.sh
linguas: Don't skip ko.po.
2017-02-04 00:06:57 +01:00
MAINTAINERS
SECURITY: Add SECURITY file
2021-06-08 14:24:34 +02:00
Makefile.am
Makefile: Make grub_fstest.pp depend on config-util.h
2022-08-10 14:24:46 +02:00
Makefile.util.def
tests: Add tpm2_key_protector_test
2024-11-28 21:50:56 +01:00
NEWS
Release 2.12
2023-12-20 16:54:46 +01:00
README
SECURITY: Add SECURITY file
2021-06-08 14:24:34 +02:00
SECURITY
SECURITY: Add SECURITY file
2021-06-08 14:24:34 +02:00
THANKS
2009-12-11 Robert Millan <rmh.grub@aybabtu.com>
2009-12-11 22:44:47 +00:00
TODO
TODO: Remove obsolete link
2016-02-12 17:51:52 +01:00

README 

This is GRUB 2, the second version of the GRand Unified Bootloader.
GRUB 2 is rewritten from scratch to make GNU GRUB cleaner, safer, more
robust, more powerful, and more portable.

See the file NEWS for a description of recent changes to GRUB 2.

See the file INSTALL for instructions on how to build and install the
GRUB 2 data and program files.

See the file MAINTAINERS for information about the GRUB maintainers, etc.

If you found a security vulnerability in the GRUB please check the SECURITY
file to get more information how to properly report this kind of bugs to
the maintainers.

Please visit the official web page of GRUB 2, for more information.
The URL is <http://www.gnu.org/software/grub/grub.html>.

More extensive documentation is available in the Info manual,
accessible using 'info grub' after building and installing GRUB 2.

There are a number of important user-visible differences from the
first version of GRUB, now known as GRUB Legacy. For a summary, please
see:

  info grub Introduction 'Changes from GRUB Legacy'
Description
No description provided
Readme
Languages
C 82.5%
Assembly 13.6%
M4 1.4%
Shell 1.3%
Makefile 0.5%
Other 0.5%