Gentoo Archives: gentoo-dev

From: "Michał Górny" <mgorny@g.o>
To: gentoo-dev@l.g.o
Cc: gregkh@g.o
Subject: Re: [gentoo-dev] UEFI secure boot and Gentoo
Date: Fri, 15 Jun 2012 07:25:48
Message-Id: 20120615092607.68e5ddf0@pomiocik.lan
In Reply to: Re: [gentoo-dev] UEFI secure boot and Gentoo by Greg KH
1 On Thu, 14 Jun 2012 21:56:04 -0700
2 Greg KH <gregkh@g.o> wrote:
3
4 > On Fri, Jun 15, 2012 at 10:15:28AM +0530, Arun Raghavan wrote:
5 > > On 15 June 2012 09:58, Greg KH <gregkh@g.o> wrote:
6 > > > So, anyone been thinking about this?  I have, and it's not pretty.
7 > > >
8 > > > Should I worry about this and how it affects Gentoo, or not worry
9 > > > about Gentoo right now and just focus on the other issues?
10 > >
11 > > I think it at least makes sense to talk about it, and work out what
12 > > we can and cannot do.
13 > >
14 > > I guess we're in an especially bad position since everybody builds
15 > > their own bootloader. Is there /any/ viable solution that allows
16 > > people to continue doing this short of distributing a first-stage
17 > > bootloader blob?
18 >
19 > Distributing a first-stage bootloader blob, that is signed by
20 > Microsoft, or someone, seems to be the only way to easily handle this.
21
22 Maybe we could get one such a blob for all distros/systems?
23
24 Also, does this signature system have any restrictions on what is
25 signed and what is not? In other words, will they actually sign a blob
26 saying 'work-around signatures' on the top?
27
28 --
29 Best regards,
30 Michał Górny

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-dev] UEFI secure boot and Gentoo Florian Philipp <lists@×××××××××××.net>
Re: [gentoo-dev] UEFI secure boot and Gentoo gregkh@g.o