[Ksummit-2012-discuss] [ATTEND] ACPI, UEFI, kernel security
H. Peter Anvin
hpa at zytor.com
Fri Jun 22 00:19:20 UTC 2012
On 06/21/2012 05:13 PM, James Morris wrote:
> On Thu, 21 Jun 2012, Matthew Garrett wrote:
>> We need to talk about what the kernel needs to provide for UEFI secure
>> boot to be possible, since the alternative is miserable failure and
>> Linux no longer working on x86 unless people play with the firmware.
>> That's going to involve at the very least locking down module loading
>> and various kernel interfaces, but figuring out what else needs to be
>> covered is fairly important.
> Sounds like a good topic for discussion across subystems.
> I'd suggest hammering out an agenda and presenting a brief overview
> to start, to try and keep the discussion on track.
There are the general EFI topic, the general security topic, and
EFI-specific secure boot... I think the general security topic would be
good to separate out from the EFI-specific stuff, plus the whole general
EFI discussion really needs to be had (I once again suggest it for a
H. Peter Anvin, Intel Open Source Technology Center
I work for Intel. I don't speak on their behalf.
More information about the Ksummit-2012-discuss