List Archive: gentoo-dev
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
On Tue, Jun 19, 2012 at 6:11 PM, Richard Yao <firstname.lastname@example.org> wrote:
> I know that the Core Boot project also tries to accomplish this, but their development process is slow and their approach seems to make the boot process more complicated than it needs to be. Since Secure Boot will force us to flash our BIOS chips (or stick to old hardware), I think it would be worthwhile to develop our own solution by extending genkernel. This should have the benefit of making our systems boot faster.
So, replacing a BIOS is a fairly tall order - I'm not convinced that
Core Boot is slow simply because they're doing it wrong. They're also
looking to add value (like booting a diskless server off of a random
website or whatever - not just simple disk/PXE like most BIOS). My
understanding is that clusters are one of their big use cases.
I also don't get the claim that we need to flash our BIOS chips to get
around secure boot. If you don't want to use secure boot just disable
it - it is no harder than changing your boot device order, system
time, or any of a myriad of other firmware settings. It gets more
complicated if you want to keep secure boot but boot your own OS,
since you have to manage the keys/signing/etc.
Nothing is keeping anybody from creating their own firmware. However,
I doubt we'll see 25 devs take this on as a full-time job, which is
probably what it would take to support the bazillions of boards out
there. Keep in mind that many motherboard vendors require signed
firmware so you'll need to find an exploit for every make/model out
there to even load your firmware. That seems a bit much compared to
just disabling secure boot...