[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #51418] Support for opal specification self-encrypting disks and pr
From: |
J Broussard |
Subject: |
[bug #51418] Support for opal specification self-encrypting disks and pre-boot authentication |
Date: |
Sat, 8 Jul 2017 12:46:16 -0400 (EDT) |
User-agent: |
Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0 |
URL:
<http://savannah.gnu.org/bugs/?51418>
Summary: Support for opal specification self-encrypting disks
and pre-boot authentication
Project: GNU GRUB
Submitted by: daijizai
Submitted on: Sat 08 Jul 2017 04:46:15 PM UTC
Category: Security
Severity: Major
Priority: 5 - Normal
Item Group: Feature Request
Status: None
Privacy: Public
Assigned to: None
Originator Name:
Originator Email:
Open/Closed: Open
Discussion Lock: Any
Release:
Release: other
Reproducibility: None
Planned Release: None
_______________________________________________________
Details:
Opal drives load an initial EFI from a secure MBR which then unlocks the drive
and allows access to the disk.
While a GNU Linux solution exists (https://github.com/sedutil/sedutil), it
requires a soft reboot after unlocking from the pre-boot authentication (PBA)
image instead of chainloading the unlocked EFI partition. On some machines
this relocks the disk.
With the inclusion of new OPAL support code in the 4.11 Linux kernel release
it makes sense that new supporting features should be added to recognized
bootloaders to allow the community to take advantage of a feature available to
Windows users for years.
The GRUB project should consider creating an opal compatible PBA image for use
with self-encrypting disks to unlock the drive and chainload the primary grub
installation.
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?51418>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [bug #51418] Support for opal specification self-encrypting disks and pre-boot authentication,
J Broussard <=