dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
582
share rss forum feed


FF4m3

@rr.com

Secure Boot Breaks Kexec, Hibernate Support On Linux

From Phoronix - January 28, 2013:

A set of "controversial" patches were published by Matthew Garrett this morning for the Linux kernel. One of the patch series will disable the kernel's support for kexec and hibernate support when running in a UEFI Secure Boot environment.

Details and links at site.


chrisretusn
Retired
Premium
join:2007-08-13
Philippines
kudos:1

1 edit

1 recommendation

All the more reason why if I have to buy a board with it, I will make sure I can disable it. who needs it anyway. I certainly don't need it.
--
Chris
Living in Paradise!!


mich

join:2008-08-30

1 recommendation

reply to FF4m3

Usual Phoronix B$.

TL;DR version: Somebody pointed out that "secure boot" isn't really secure if one can use kexec to boot "untrusted" kernel from a "trusted" kernel. He posted a "proof of concept" patch which makes Linux more "secure" by refusing to kexec "untrusted" kernels. Nobody is going to merge this patch because nobody cares.



Maxo
Your tax dollars at work.
Premium,VIP
join:2002-11-04
Tallahassee, FL

said by mich:

Usual Phoronix B$.

They're like the Fox news of tech.

OZO
Premium
join:2003-01-17
kudos:2
reply to chrisretusn

said by chrisretusn:

All the more reason why if I have to buy a board with it, I will make sure I can disable it. who needs it anyway. I certainly don't needed.

The same is here. I just don't understand why I'd consciously want to lock my computer to one OS. It's like asking to lock cell phone to one provider and not allow to use it with others. I could understand why provider wants it. But me??? Nevertheless, there will always be some folks, who may justify even that (see this thread)....
--
Keep it simple, it'll become complex by itself...


rexbinary
Mod King
Premium
join:2005-01-26
Plano, TX

This whole secure boot thing probably started when an IT guy trying to look cool told an Exec at his company "Hey watch this!" and booted a Knoppix CD or thumbdrive on one of the corporate PCs in front of him.

Expand your moderator at work