Linux Foundation will launch a boot loader to bypass the limitations of UEFI Secure Boot
Microsoft's requirement to include UEFI secure boot protection in devices certified as compatible with Windows 8 has caused serious concern in the open source community. The Free Software Foundation issued a statement condemning "limited download." The need to manually install keys or disable the secure boot in order to install an unsigned * nix distribution can make it more difficult and inconvenient to install. Moreover, it is possible the emergence of devices that generally will not allow to install unsigned systems.
To protect free software from possible discrimination, the Linux Foundation is developing a special preloader, which will be freely available on the Linux Foundation website after it is signed by Microsoft. This bootloader will save the user from having to figure out how to install keys or disable the secure boot. He will only ask for permission and, upon receiving it, sign and download anything. Thus, the Linux Foundation consortium implements, on its own, recommendations that a year ago he gave to OEMs .
The Linux Foundation welcomes the attempts of large distributions ( Fedora , SUSE , Ubuntu ) to use the advantages of the UEFI secure boot in the regular mode, with signing not only the bootloader, but other code directly working with hardware. A preloader that enables the download of any unsigned code is a temporary measure aimed at enabling the creators of all distributions to calmly work out a policy for working with secure boot without fear that their system will cease to be installed on Win8-certified devices.
Download the bootloader sources from this repository:
')
git: //git.kernel.org/pub/scm/linux/kernel/git/jejb/efitools.git
(Loader.c file).
Details are in the blog of James Bottomley, a member of the Linux Foundation Technical Advisory Board.
To protect free software from possible discrimination, the Linux Foundation is developing a special preloader, which will be freely available on the Linux Foundation website after it is signed by Microsoft. This bootloader will save the user from having to figure out how to install keys or disable the secure boot. He will only ask for permission and, upon receiving it, sign and download anything. Thus, the Linux Foundation consortium implements, on its own, recommendations that a year ago he gave to OEMs .
The Linux Foundation welcomes the attempts of large distributions ( Fedora , SUSE , Ubuntu ) to use the advantages of the UEFI secure boot in the regular mode, with signing not only the bootloader, but other code directly working with hardware. A preloader that enables the download of any unsigned code is a temporary measure aimed at enabling the creators of all distributions to calmly work out a policy for working with secure boot without fear that their system will cease to be installed on Win8-certified devices.
Download the bootloader sources from this repository:
')
git: //git.kernel.org/pub/scm/linux/kernel/git/jejb/efitools.git
(Loader.c file).
Details are in the blog of James Bottomley, a member of the Linux Foundation Technical Advisory Board.
Source: https://habr.com/ru/post/154507/
All Articles