Kdump with signed images

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Kdump with signed images
From: mjg@xxxxxxxxxx (Matthew Garrett)
Date: Tue, 23 Oct 2012 17:31:25 +0100
In-reply-to: <87fw552mb4.fsf_-_@xmission.com>
References: <1350588121.30243.7.camel@rhapsody> <20121018193831.GD18147@redhat.com> <874nlrv2ni.fsf@xmission.com> <20121019020630.GA27052@redhat.com> <877gqnnnf0.fsf@xmission.com> <20121019143112.GB27052@redhat.com> <871ugqb4gj.fsf@xmission.com> <20121023131854.GA16496@redhat.com> <20121023145920.GD16496@redhat.com> <87fw552mb4.fsf_-_@xmission.com>

On Tue, Oct 23, 2012 at 09:19:27AM -0700, Eric W. Biederman wrote:
> No.  UEFI secure boot has absolutely nothing todo with this.
> 
> UEFI secure boot is about not being able to hijack the code EFI runs
> directly.  Full stop.

No. It's about ensuring that no untrusted code can be run before any OS 
kernel, which means that no untrusted code can run *in* any OS kernel.

-- 
Matthew Garrett | mjg59 at srcf.ucam.org

Follow-Ups:
- Kdump with signed images
  - From: Eric W. Biederman

References:
- [PATCH v2] kdump: pass acpi_rsdp= to 2nd kernel for efi booting
  - From: Khalid Aziz
- [RFC] Kdump with UEFI secure boot (Re: [PATCH v2] kdump: pass acpi_rsdp= to 2nd kernel for efi booting)
  - From: Vivek Goyal
- [RFC] Kdump with UEFI secure boot (Re: [PATCH v2] kdump: pass acpi_rsdp= to 2nd kernel for efi booting)
  - From: Eric W. Biederman
- [RFC] Kdump with UEFI secure boot (Re: [PATCH v2] kdump: pass acpi_rsdp= to 2nd kernel for efi booting)
  - From: Vivek Goyal
- [RFC] Kdump with UEFI secure boot (Re: [PATCH v2] kdump: pass acpi_rsdp= to 2nd kernel for efi booting)
  - From: Eric W. Biederman
- [RFC] Kdump with UEFI secure boot (Re: [PATCH v2] kdump: pass acpi_rsdp= to 2nd kernel for efi booting)
  - From: Vivek Goyal
- [RFC] Kdump with UEFI secure boot (Re: [PATCH v2] kdump: pass acpi_rsdp= to 2nd kernel for efi booting)
  - From: Eric W. Biederman
- [RFC] Kdump with UEFI secure boot (Re: [PATCH v2] kdump: pass acpi_rsdp= to 2nd kernel for efi booting)
  - From: Vivek Goyal
- [RFC] Kdump with UEFI secure boot (Re: [PATCH v2] kdump: pass acpi_rsdp= to 2nd kernel for efi booting)
  - From: Vivek Goyal
- Kdump with signed images
  - From: Eric W. Biederman

Prev by Date: [RFC] Kdump with signed images.
Next by Date: [RFC] Kdump with signed images
Previous by thread: Kdump with signed images
Next by thread: Kdump with signed images
Index(es):
- Date
- Thread

[Index of Archives] [LM Sensors] [Linux Sound] [ALSA Users] [ALSA Devel] [Linux Audio Users] [Linux Media] [Kernel] [Gimp] [Yosemite News] [Linux Media]