[Ksummit-2012-discuss] [ATTEND] ACPI, UEFI, kernel security

Rafael J. Wysocki rjw at sisk.pl
Thu Jun 21 21:10:12 UTC 2012


On Thursday, June 21, 2012, Matthew Garrett wrote:
> Expertise:
> 
> UEFI, ACPI, x86 interactions with them. Power management.
> 
> Discussion:
> 
> We need to talk about what the kernel needs to provide for UEFI secure 
> boot to be possible, since the alternative is miserable failure and 
> Linux no longer working on x86 unless people play with the firmware. 
> That's going to involve at the very least locking down module loading 
> and various kernel interfaces, but figuring out what else needs to be 
> covered is fairly important.

Agreed.

> I'd also like to figure out what the plans are going to be for dealing 
> with EFI and ACPI on non-x86 architectures. Right now EFI is in a 
> dreadful state - large parts of the code are duplicated between ia64, 
> ia32 and x86_64 and everything except x86_64 is bitrotting.
> 
> ACPI-wise, we need to be able to handle hardware that might ship with 
> either ACPI or FDT - that's potentially problematic for drivers. We 
> already have the issue on x86 that a driver for an ACPI device can be 
> written as an ACPI driver or a PNP driver and you get different 
> functionality with both. We should concentrate on merging firmware data 
> sources into one more comprehensive model and just port all the drivers 
> to that, but various people need to be involved in that conversation.

Agreed again and I'm definitely interested in this topic.

Thanks,
Rafael


More information about the Ksummit-2012-discuss mailing list