Mailinglist Archive: opensuse-factory (883 mails)
| < Previous | Next > |
[opensuse-factory] UEFI Secure Boot in Fedora
- From: Tim Serong <tserong@xxxxxxxx>
- Date: Thu, 31 May 2012 17:34:04 +1000
- Message-id: <4FC71EEC.1080204@suse.com>
Juat a heads-up for those who didn't see it yet:
Implementing UEFI Secure Boot in Fedora
http://mjg59.dreamwidth.org/12368.html
TL;DR:
- All Windows 8 hardware will ship with secure boot enabled.
- Fedora doesn't want to have to make users fiddle with their firmware
settings in order to run Fedora, so must support secure boot.
- They're doing a multi-layer thing:
- A tiny bootloader, signed with a microsoft key, loads:
- a real bootloader (grub 2), signed with a fedora key which loads:
- the kernel (& thus modules), also signed with fedora keys.
Presumably it's worth evaluating this to see if a similar approach is
suitable for openSUSE.
Regards,
Tim
--
Tim Serong
Senior Clustering Engineer
SUSE
tserong@xxxxxxxx
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx
Implementing UEFI Secure Boot in Fedora
http://mjg59.dreamwidth.org/12368.html
TL;DR:
- All Windows 8 hardware will ship with secure boot enabled.
- Fedora doesn't want to have to make users fiddle with their firmware
settings in order to run Fedora, so must support secure boot.
- They're doing a multi-layer thing:
- A tiny bootloader, signed with a microsoft key, loads:
- a real bootloader (grub 2), signed with a fedora key which loads:
- the kernel (& thus modules), also signed with fedora keys.
Presumably it's worth evaluating this to see if a similar approach is
suitable for openSUSE.
Regards,
Tim
--
Tim Serong
Senior Clustering Engineer
SUSE
tserong@xxxxxxxx
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx
| < Previous | Next > |