[Ksummit-2012-discuss] [ATTEND] ACPI, UEFI, kernel security

H. Peter Anvin hpa at zytor.com
Fri Jun 22 00:19:20 UTC 2012

On 06/21/2012 05:13 PM, James Morris wrote:
> On Thu, 21 Jun 2012, Matthew Garrett wrote:
>> We need to talk about what the kernel needs to provide for UEFI secure 
>> boot to be possible, since the alternative is miserable failure and 
>> Linux no longer working on x86 unless people play with the firmware. 
>> That's going to involve at the very least locking down module loading 
>> and various kernel interfaces, but figuring out what else needs to be 
>> covered is fairly important.
> Sounds like a good topic for discussion across subystems.
> I'd suggest hammering out an agenda and presenting a brief overview 
> to start, to try and keep the discussion on track.

There are the general EFI topic, the general security topic, and
EFI-specific secure boot... I think the general security topic would be
good to separate out from the EFI-specific stuff, plus the whole general
EFI discussion really needs to be had (I once again suggest it for a
breakout session.)


H. Peter Anvin, Intel Open Source Technology Center
I work for Intel.  I don't speak on their behalf.

More information about the Ksummit-2012-discuss mailing list