Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-dev
Navigation:
Lists: gentoo-dev: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-dev@g.o
From: gregkh@g.o
Subject: Re: UEFI secure boot and Gentoo
Date: Fri, 15 Jun 2012 17:03:40 -0700
On Fri, Jun 15, 2012 at 09:26:07AM +0200, Michał Górny wrote:
> On Thu, 14 Jun 2012 21:56:04 -0700
> Greg KH <gregkh@g.o> wrote:
> 
> > On Fri, Jun 15, 2012 at 10:15:28AM +0530, Arun Raghavan wrote:
> > > On 15 June 2012 09:58, Greg KH <gregkh@g.o> wrote:
> > > > So, anyone been thinking about this?  I have, and it's not pretty.
> > > >
> > > > Should I worry about this and how it affects Gentoo, or not worry
> > > > about Gentoo right now and just focus on the other issues?
> > > 
> > > I think it at least makes sense to talk about it, and work out what
> > > we can and cannot do.
> > > 
> > > I guess we're in an especially bad position since everybody builds
> > > their own bootloader. Is there /any/ viable solution that allows
> > > people to continue doing this short of distributing a first-stage
> > > bootloader blob?
> > 
> > Distributing a first-stage bootloader blob, that is signed by
> > Microsoft, or someone, seems to be the only way to easily handle this.
> 
> Maybe we could get one such a blob for all distros/systems?
> 
> Also, does this signature system have any restrictions on what is
> signed and what is not? In other words, will they actually sign a blob
> saying 'work-around signatures' on the top?

It is uncertian at the moment what the requirements are, I'm trying to
nail this down.  But, in order to protect all other companies, I imagine
they are going to be pretty restrictive, otherwise it really makes no
sense at all to have this in the first place.

greg k-h


References:
UEFI secure boot and Gentoo
-- Greg KH
Re: UEFI secure boot and Gentoo
-- Arun Raghavan
Re: UEFI secure boot and Gentoo
-- Greg KH
Re: UEFI secure boot and Gentoo
-- Michał Górny
Navigation:
Lists: gentoo-dev: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: UEFI secure boot and Gentoo
Next by thread:
Re: UEFI secure boot and Gentoo
Previous by date:
Re: UEFI secure boot and Gentoo
Next by date:
Re: UEFI secure boot and Gentoo


Updated Jun 29, 2012

Summary: Archive of the gentoo-dev mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.