dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
781

FF4m3
@rr.com

FF4m3

Anon

Secure Boot Breaks Kexec, Hibernate Support On Linux

From Phoronix - January 28, 2013:

A set of "controversial" patches were published by Matthew Garrett this morning for the Linux kernel. One of the patch series will disable the kernel's support for kexec and hibernate support when running in a UEFI Secure Boot environment.

Details and links at site.

chrisretusn
Retired
Premium Member
join:2007-08-13
Philippines

1 edit

1 recommendation

chrisretusn

Premium Member

All the more reason why if I have to buy a board with it, I will make sure I can disable it. who needs it anyway. I certainly don't need it.
mich64
join:2008-08-30

1 recommendation

mich64 to FF4m3

Member

to FF4m3
Usual Phoronix B$.

TL;DR version: Somebody pointed out that "secure boot" isn't really secure if one can use kexec to boot "untrusted" kernel from a "trusted" kernel. He posted a "proof of concept" patch which makes Linux more "secure" by refusing to kexec "untrusted" kernels. Nobody is going to merge this patch because nobody cares.

Maxo
Your tax dollars at work.
Premium Member
join:2002-11-04
Tallahassee, FL

Maxo

Premium Member

said by mich64:

Usual Phoronix B$.

They're like the Fox news of tech.
OZO
Premium Member
join:2003-01-17

OZO to chrisretusn

Premium Member

to chrisretusn
said by chrisretusn:

All the more reason why if I have to buy a board with it, I will make sure I can disable it. who needs it anyway. I certainly don't needed.

The same is here. I just don't understand why I'd consciously want to lock my computer to one OS. It's like asking to lock cell phone to one provider and not allow to use it with others. I could understand why provider wants it. But me??? Nevertheless, there will always be some folks, who may justify even that (see this thread)....

rexbinary
MOD King
Premium Member
join:2005-01-26
Plano, TX

rexbinary

Premium Member

This whole secure boot thing probably started when an IT guy trying to look cool told an Exec at his company "Hey watch this!" and booted a Knoppix CD or thumbdrive on one of the corporate PCs in front of him.
Expand your moderator at work