Groklaw - Digging for Truth

	When you want to know more...

Home
Archives
Site Map
Search
About Groklaw
Awards
Legal Research
Timelines

ApplevSamsung
ApplevSamsung p.2
ArchiveExplorer
Autozone
Bilski
Cases
Cast: Lawyers
Comes v. MS
Contracts/Documents
Courts
DRM
Gordon v MS
GPL
Grokdoc
HTML How To
IPI v RH
IV v. Google
Legal Docs
Lodsys
MS Litigations
MSvB&N
News Picks
Novell v. MS
Novell-MS Deal
ODF/OOXML
OOXML Appeals
OraclevGoogle
Patents
ProjectMonterey
Psystar
Quote Database
Red Hat v SCO
Salus Book
SCEA v Hotz
SCO Appeals
SCO Bankruptcy
SCO Financials
SCO Overview
SCO v IBM
SCO v Novell
SCO:Soup2Nuts
SCOsource
Sean Daly
Software Patents
Switch to Linux
Transcripts
Unix Books

Gear

Groklaw Gear

You won't find me on Facebook

Donate

No Legal Advice

The information on Groklaw is not intended to constitute legal advice. While Mark is a lawyer and he has asked other lawyers and law students to contribute articles, all of these articles are offered to help educate, not to provide specific legal advice. They are not your lawyers.

Here's Groklaw's comments policy.

What's New

STORIES
No new stories

COMMENTS last 48 hrs
No new comments

Sponsors

Hosting:

On servers donated to ibiblio by AMD.

Webmaster

Linus Torvalds Suggests How To Handle UEFI Secure Boot Crisis | 246 comments | Create New Account

Comments belong to whoever posts them. Please notify us of inappropriate comments.

Linus Torvalds Suggests How To Handle UEFI Secure Boot Crisis

Authored by: jjs on Sunday, March 03 2013 @ 04:19 PM EST

Linux already handles signed modules. What it does NOT handle in the kernel is
sgned PE format modules - because that is WINDOWS format (linux uses ELF). The
only reason to support PE in the kernel is to use MS signed modules, because MS
will only sign PE format modules. Since Red Hat / distributors can, right now,
today, build and sign their own distros, and since the LF shim enables them to
put their keys into UEFI, only if they want to run non-kernel binaries (Nvidia,
etc) do they need any extra steps. Linus already presented Red Hat with an
option - Red Hat can sign the modules with their key. Of course, that means Red
Hat taking responsibility for that uncheckable module.

Alternatively, buy hardware that does not require binary modules. Pressure
hardware companies towork with kernel devs to ensure linux natively supports
their hardware.

---
(Note IANAL, I don't play one on TV, etc, consult a practicing attorney, etc,
etc)

[ Reply to This | Parent | # ]

Linus Torvalds Suggests How To Handle UEFI Secure Boot Crisis - Authored by: jjs on Monday, March 04 2013 @ 06:57 AM EST
- Linus Torvalds Suggests How To Handle UEFI Secure Boot Crisis - Authored by: Anonymous on Monday, March 04 2013 @ 10:01 AM EST
  - Not manufacturers, legislators - Authored by: Wol on Monday, March 04 2013 @ 11:14 AM EST
    - Not manufacturers, legislators - Authored by: Anonymous on Monday, March 04 2013 @ 12:33 PM EST

Groklaw © Copyright 2003-2013 Pamela Jones.
All trademarks and copyrights on this page are owned by their respective owners.
Comments are owned by the individual posters.

PJ's articles are licensed under a Creative Commons License. ( Details )