1 |
Am 16.06.2012 01:59, schrieb Greg KH: |
2 |
> On Fri, Jun 15, 2012 at 09:49:01AM +0200, Florian Philipp wrote: |
3 |
>> Am 15.06.2012 09:26, schrieb Michał Górny: |
4 |
>>> On Thu, 14 Jun 2012 21:56:04 -0700 Greg KH <gregkh@g.o> wrote: |
5 |
>>>> On Fri, Jun 15, 2012 at 10:15:28AM +0530, Arun Raghavan wrote: |
6 |
>>>>> On 15 June 2012 09:58, Greg KH <gregkh@g.o> wrote: |
7 |
>>>>>> So, anyone been thinking about this? I have, and it's not pretty. |
8 |
>>>>>> |
9 |
>>>>>> Should I worry about this and how it affects Gentoo, or not worry |
10 |
>>>>>> about Gentoo right now and just focus on the other issues? |
11 |
>>>>> |
12 |
>>>>> I think it at least makes sense to talk about it, and work out what |
13 |
>>>>> we can and cannot do. |
14 |
>>>>> |
15 |
>>>>> I guess we're in an especially bad position since everybody builds |
16 |
>>>>> their own bootloader. Is there /any/ viable solution that allows |
17 |
>>>>> people to continue doing this short of distributing a first-stage |
18 |
>>>>> bootloader blob? |
19 |
>>>> |
20 |
>>>> Distributing a first-stage bootloader blob, that is signed by |
21 |
>>>> Microsoft, or someone, seems to be the only way to easily handle this. |
22 |
>>> |
23 |
>>> Maybe we could get one such a blob for all distros/systems? |
24 |
>>> |
25 |
>> |
26 |
>> I guess nothing prevents you from re-distributing Fedora's blob. |
27 |
> |
28 |
> Fedora's blob will not boot your unsigned-with-fedoras-key kernel, so |
29 |
> redistributing it will not help anyone :( |
30 |
> |
31 |
|
32 |
I meant along with Fedora's kernel, signed binary modules and so forth. |
33 |
The whole kernel space. |