Gentoo Archives: gentoo-dev

From: Richard Yao <ryao@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] Re: Killing UEFI Secure Boot
Date: Thu, 21 Jun 2012 15:07:59
In Reply to: Re: [gentoo-dev] Re: Killing UEFI Secure Boot by Ian Stakenvicius
Hash: SHA1

On 06/21/2012 11:00 AM, Ian Stakenvicius wrote:
>> A firmware replacement for the BIOS does not need to worry about >> floppy drives, hard drives, optical drives, usb devices, isa >> devices, pci devices and pci express drives, etcetera, because >> those live on buses, which the kernel can detect. It would need >> a device tree to inform the kernel of what buses are available, >> but that would be specific to a given board, rather than what is >> attached to it. If the end user makes hardware changes, the >> kernel should be able to handle that, with the exception of >> changes involving RAM, which I believe go into the device tree. > > I take it the above statement is based on the kernel being > directly placed within the BIOS/firmware/nvram on the board, such > that you couldn't boot anything else but that kernel?
That is correct.
> Otherwise I don't see how you could get away with the BIOS not > worrying about all those devices.. IE, I don't forsee many general > x86 users giving up their ability to boot off usb stick or cdrom or > pxe based on a boot-time bios choice, or to boot windows or > alternative linux kernels (which could be located who knows where) > at whim. And I don't see how an alternative BIOS would be able to > provide this ability without dealing with all the things Duncan > mentioned...
An initramfs should be able to provide all of that functionality. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) Comment: Using GnuPG with Mozilla - iQIcBAEBAgAGBQJP4zgzAAoJECDuEZm+6ExkeSUP/0PrjZtnWvbdXpTYwTN/U1wq lVl/nx6mXAq6wwxrhgHMzMvzh68oxqAhZgOASLFoQnO92WbVJzxBZtxBQftR5TGV k5NGVKCLwVkIi7tQGLk3vLHo3l6MnmwCjmfSCSbr7VEqil2hgy5EwhUiWvibzKlp 34m9g75Z/JR/dMk7qcG7z2lvJNSDlL2Ufgqi5YPQqqmqsMHGi350ZM91dkilOkV2 OtBwJzD+JlvQl+ALBv33KmI37VslcB/ydcx08YfE6BuOkHdusOM6/Den4JUrmS2I WDvcejzgxjneOifoL+0hiM9ooG3L6Q19G3ZNSSqAit85P5ms6Cm9Bul2lO6+EiQu iwYLcH/5nwkVC/8bRaHvzTnSaKyvyip9lKzeZyD9fnsMirxV6R3T3aWyIwhBdb8E pe85C+n4Wd5n4nhuwQW8AP860yftco9aNSrx1uIb+PMEi38+yLTwNjrR/shQ7RcK 76mpWIWat/YpLRNF9Va7PN3FaslsTGVyQdgcBtci9S9IXWhwGyc7ZDS7DIq7CYTT 9pE9dYqDOmEl0kWt5e4EgrjD4ibwhOsvddBJBcW2spphnRBuHwkzdp7K7pW3KX1z Wj4triKllBLwMJvIcDk6Nv0tm0YO+kzxDhEsjBajjDR48652ijF6RYLi2cV7Ui+9 Hnsvgz6oEc7sNL9VbPnZ =Aacv -----END PGP SIGNATURE-----


Subject Author
Re: [gentoo-dev] Re: Killing UEFI Secure Boot Roy Bamford <neddyseagoon@g.o>