Menu
▾
▴
Re: [Trustedgrub-users] Stage 1.5 gone?
|
From: Marcel S. <m.s...@si...> - 2010-07-06 13:04:10
|
Hi Joern, > Great new release, with ext3 support! thanks! > I remember that stage 1.5 used to be usable with Trusted Grub. actually, no, the stage 1.5 should always been removed, since there is no measurement extension added into that. > NOTE: Please make sure, that no *1_5-files are in your > /boot/grub-directory. The only valid files in there are stage1, stage2, > default, menu.lst / grub.conf. correct. > Why is that? I could not find any announcement or note about this, but > from the source code it look's like it has been specially disabled: This was done on purpose. Once you install TrustedGRUB, it will store the address of stage2 into stage1. If you use stage1.5, stage2 will be loaded by its filename from the filesystem instead of the fixed address, which could ease to replace stage2. > In start.S: > #ifdef STAGE1_5 ljmp $0, $0x2200 #else /* ! STAGE1_5 */ > But IF they worked, they would break the > asserted boot because stage1.5 would specifically not measure stage2 (it > is commented out). exactly, that is why we explicitly state to delete all stage1.5-files, such that they are not even used at all. Best regards, Marcel -- Sirrix AG security technologies -- http://www.sirrix.com Dipl.-Ing. Marcel Selhorst eMail: m.s...@si... Tel: +49 (234) 610071-126 Fax: +49 (234) 610071-526 Tel: +49 (681) 95986-126 Fax: +49 (681) 95986-526 Get my public key from keyserver, KeyId: 0x7C9821CC Fingerprint 4138 E617 E62E 79D3 E663 BE5A 14E7 1CD8 7C98 21CC Vorstand: Ammar Alkassar (Vors.), Christian Stueble Vorsitzender des Aufsichtsrates: Prof. Dr. Kai Rannenberg Sitz der Gesellschaft: Homburg/Saar, HRB 3857 Amtsgericht Saarbruecken This message may contain confidential and/or privileged information. If you are not the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. |
