From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1oP7Fh-0005NZ-NM for mharc-grub-devel@gnu.org; Fri, 19 Aug 2022 15:01:55 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:37822) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oP7Fe-0005NM-Ic for grub-devel@gnu.org; Fri, 19 Aug 2022 15:01:51 -0400 Received: from mail-ed1-x530.google.com ([2a00:1450:4864:20::530]:43881) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oP7Fc-0002tV-KH for grub-devel@gnu.org; Fri, 19 Aug 2022 15:01:50 -0400 Received: by mail-ed1-x530.google.com with SMTP id o22so6723708edc.10 for ; Fri, 19 Aug 2022 12:01:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc; bh=gn2ZBFeOcQGPhhgASotWiUJ4u8jYS1ydk+8fplNyI14=; b=eV+j7lU4GMCo5iY0SF3Uf5lnFBC9pJxF9wvSaTqx5MKGADaSEuFg95WDsnTMj7SoNO 4YCzKgTGRsUP7yC5ixZpDt8xKoeOzZFoGIrVSvMRvRaWcToCfsmk7ok9PZjQjRfjCfGo jb2l5IVVZ48L3LjllDw0mOfpxMrUD46sbQHye/+Ulqh+IzonhrsVfkVS/R8YBlP2bzay O8yn0/sE8l7u1VnQkjJUX1uGHU3mLk1bzIiXmI7kBLDjdQrhcXlEyl9XsBf2P2kx7JnF 57OWI7MHj0Hm/pHdlQUWYnYjwS4DaqaZTYOsTtrri8QXGvEVBvs5zVKFsZ7nlsEgJbJk NPoQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc; bh=gn2ZBFeOcQGPhhgASotWiUJ4u8jYS1ydk+8fplNyI14=; b=h7NbsP60cH+tEm1BmMIhQT0Vr2NCN846CDmNQen5tj1aM9m7Lk4jTgNbXd/RfZfXTN ZFGGlggtUTz9J5cM/CyW0HBbkuxtHrg9FYdfTaQJYMdJSED6C7Z0RiX/RAvkgo6x44A/ EvwPRKACin4QrBb7LOkhVKbirHlONQonAi8q4bT9jW+fN4YPuNoM6+XtsZkHMq3lVIMM 09hw5i5bQIuwRx6wiQrnqaHNbsq4YeTCLkY4huEc3L9dR8gWWTfqHFOA6jmeelQONYE6 s8si5PfKhHQ+97QClFQQC6ErNn2oiZBY5mBumfQDYdcFoPZl0YbpokTm0PYQGgs+5Ifk /RSA== X-Gm-Message-State: ACgBeo22HQpXlv2ttb7H2BfX6qaR0K4NvjN9lWMJAwX9yTmUBXjO1CLv pDE5OtME4EoIVAcVP4AbXb09KJX6DZGtTNyI4E5WHPTwm6kY/g== X-Google-Smtp-Source: AA6agR4W0MsZQG7m5ARRzH3IHPaBydTc2cE9xxGQZYx6uOqQNgc8yKIiPmC/2RZH76Ph9udS9ViySulXsCeXFEExLZQ= X-Received: by 2002:a05:6402:1f01:b0:445:fbe8:4b2e with SMTP id b1-20020a0564021f0100b00445fbe84b2emr7135402edb.192.1660935705857; Fri, 19 Aug 2022 12:01:45 -0700 (PDT) MIME-Version: 1.0 References: <20220819135755.vpfkmfyvysmdbzov@tomti.i.net-space.pl> <0F68F479-0EC8-4BF8-B21D-81B5FC725226@physik.fu-berlin.de> <20220819180916.GG2668594@tack.einval.com> In-Reply-To: <20220819180916.GG2668594@tack.einval.com> From: "Vladimir 'phcoder' Serbinenko" Date: Fri, 19 Aug 2022 21:01:35 +0200 Message-ID: Subject: Re: [PATCH] Remove HFS support To: The development of GNU GRUB Content-Type: multipart/alternative; boundary="000000000000be143305e69cbaf6" Received-SPF: pass client-ip=2a00:1450:4864:20::530; envelope-from=phcoder@gmail.com; helo=mail-ed1-x530.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Aug 2022 19:01:51 -0000 --000000000000be143305e69cbaf6 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Le ven. 19 ao=C3=BBt 2022, 20:11, Steve McIntyre a =C3= =A9crit : > On Fri, Aug 19, 2022 at 04:03:38PM +0200, John Paul Adrian Glaubitz wrote= : > >> On Aug 19, 2022, at 3:59 PM, Daniel Kiper wrote: > >> > >> If I do not hear any major objections in the following weeks I will > >> merge this patch or a variant of it in the second half of September. > > > >We=E2=80=99re still formatting our /boot partitions for Debian PowerPC f= or > >PowerMacs using HFS, so this change would be a breaking change for > >us. > > > >So, that would be a no from Debian=E2=80=99s side. > > Not so fast please, Adrian. At the risk of sounding harsh, non-release > old ports like powerpc *really* don't get to dictate things in Debian > terms. > But booting old machines is still desirable for GRUB. Is there a reason why HFS is actively bad for modern machines? Especially if it's disabled in case of lockdown. Can I have more details about your security concerns? I may consider rewriting parts of HFS code to improve it. > > As Daniel Axtens has been finding out, the HFS code is terrible in > terms of security. If you still need it for old/semi-dead machines, > maybe you should fork an older grub release and stay with that? > > -- > Steve McIntyre, Cambridge, UK. > steve@einval.com > Getting a SCSI chain working is perfectly simple if you remember that > there > must be exactly three terminations: one on one end of the cable, one on > the > far end, and the goat, terminated over the SCSI chain with a > silver-handled > knife whilst burning *black* candles. --- Anthony DeBoer > > > _______________________________________________ > Grub-devel mailing list > Grub-devel@gnu.org > https://lists.gnu.org/mailman/listinfo/grub-devel > --000000000000be143305e69cbaf6 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


Le ven. 19 ao=C3=BBt 2022, 20:11, Steve McIntyre <<= a href=3D"mailto:steve@einval.com">steve@einval.com> a =C3=A9crit=C2= =A0:
On Fri, Aug 19, 2022 at 04:03:= 38PM +0200, John Paul Adrian Glaubitz wrote:
>> On Aug 19, 2022, at 3:59 PM, Daniel Kiper <dkiper@net-space.pl= > wrote:
>>
>> If I do not hear any major objections in the following weeks I wil= l
>> merge this patch or a variant of it in the second half of Septembe= r.
>
>We=E2=80=99re still formatting our /boot partitions for Debian PowerPC = for
>PowerMacs using HFS, so this change would be a breaking change for
>us.
>
>So, that would be a no from Debian=E2=80=99s side.

Not so fast please, Adrian. At the risk of sounding harsh, non-release
old ports like powerpc *really* don't get to dictate things in Debian terms.
But booting old machin= es is still desirable for GRUB. Is there a reason why HFS is actively bad f= or modern machines? Especially if it's disabled in case of lockdown.
Can I have more details about your security concerns? = I may consider rewriting parts of HFS code to improve it.=C2=A0

As Daniel Axtens has been finding out, the HFS code is terrible in
terms of security. If you still need it for old/semi-dead machines,
maybe you should fork an older grub release and stay with that?

--
Steve McIntyre, Cambridge, UK.=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 steve@ein= val.com
=C2=A0 Getting a SCSI chain working is perfectly simple if you remember tha= t there
=C2=A0 must be exactly three terminations: one on one end of the cable, one= on the
=C2=A0 far end, and the goat, terminated over the SCSI chain with a silver-= handled
=C2=A0 knife whilst burning *black* candles. --- Anthony DeBoer


_______________________________________________
Grub-devel mailing list
= Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/g= rub-devel
--000000000000be143305e69cbaf6--