On 3/2/23 01:22, Jiri Slaby wrote:
Hi all,
just so you know, as per bug 1198101, the kernel for Tumbleweed received patchset for locked down kernel (see the bug). This will be a part of the 6.2.1 submission (SR#1068171).
Few notes: * Hibernation does not work when secure boot is enabled (bug 1208766) * Leap inherited/contains this patchset long from SLE time ago.
regards,
Worth also keeping in mind secure-boot is no panacea. Posted this to the general list, but it is also worth considering here looking forward: https://www.theregister.com/2023/03/01/blacklotus_malware_eset/ While that article regard windows, the same would likely apply to the unified kernel image if the system is hijacked before it loads. -- David C. Rankin, J.D.,P.E.