As promised, here is the Linux Foundation UEFI secure boot system.  This was actually released to us by Microsoft on Wednesday 6 February, but with travel, conferences and meetings I didn’t really get time to validate it all until today.  The files are here

I’ve also put together a mini-USB image that is bootable (just dd it on to any USB key; the image is gpt partitioned, so use the whole disk device).  It has an EFI shell where the kernel should be and uses gummiboot to load.  You can find it here (md5sum 7971231d133e41dd667a184c255b599f).

To use the mini-USB image, you have to enroll the hashes for loader.efi (in the \EFI\BOOT directory; actually gummiboot) as well as shell.efi (in the top level directory).  It also includes a copy of KeyTool.efi which you have to enrol the hash of to run as well.

What Happened to KeyTool.efi?

Originally this was going to be part of our signed release kit.  However, during testing Microsoft discovered that because of a bug in one of the UEFI platforms, it could be used to remove the platform key programmatically, which would rather subvert the UEFI security system.  Until we can resolve this (we’ve now got the particular vendor in the loop), they declined to sign KeyTool.efi although you can, of course, authorize it by hash in the MOK variables if you want to run it.

Let me know how this goes because I’m very interested to gather feedback about what works and what doesn’t work.  In particular, there’s a worry that the security protocol override might not work on some platforms, so I particularly want to know if it doesn’t work for you.

Linux Foundation Secure Boot System Released的更多相关文章

  1. 反Secure Boot垄断:兼谈如何在Windows 8电脑上安装Linux

    感谢HQSQ的投递一.自由软件基金会的呼吁上周,2012年将近结束的时候,自由软件基金会(FSF)发出呼吁,要求人们继续支持反Secure Boot垄断,希望签名者能达到5万人(目前是4万).我觉得, ...

  2. Linux secure boot(安全启动)时添加Nvidia显卡驱动

    开启Secure boot情况下,在Fedora 21下安装Nvidia 显卡驱动的方法. Nvidia显卡驱动可以从官网上下载最新版>> 点击进入 下载后添加可执行权限: #chmod ...

  3. UEFI、BIOS、Secure Boot的关系和知识介绍

      从Windows 8操作系统时代开始,安装操作系统的方法也有了很大的改变,Windows 8采用了Secure Boot引导启动的方式,而不是过去Win XP和Win 7的Legacy启动方式,从 ...

  4. Linux Foundation(笔记)

    /************************************************************* * Linux Foundation * 1. 总结一下Linux的基础内 ...

  5. secure boot(安全启动)下为内核模块签名

    上一篇随笔中提到了如何在secure boot下安装Nvidia显卡驱动 >>上一篇随笔 如果不需要安装Nvidia显卡驱动,而且要生成密钥,可以参考>> 这篇文章 这里假设生 ...

  6. 华硕笔记本之secure boot

    在ubuntu下安装cuda的时候,一直装不好,cuda-7.5.run已经装好了,但是编译cuda的例程时失败,提示cuda的库链接不上. 初步判断是secure boot的问题,因为在开启X的情况 ...

  7. Android Partitions Explained: boot, system, recovery, data, cache & misc

    from: http://www.addictivetips.com/mobile/android-partitions-explained-boot-system-recovery-data-cac ...

  8. 小米笔记本怎么关闭secure boot

    关闭Secure Boot的步骤: 一.关闭 "快速启动" 功能 1.右键-开始菜单- 电源选项,进入后 点击"选择电源按钮的功能". 2.进入电源选项设置后, ...

  9. Windows 上编译 corefx 源码生成 Linux 上可用的 System.Data.SqlClient.dll

    最近在排查一个奇怪的 EF Core 查询速度慢的问题,需要在 corefx 2.2.3 的 System.Data.SqlClient 源码中打点. github 上签出 corefx 的源代码,运 ...

随机推荐

  1. CSS禁止Chrome谷歌浏览器激活输入框后自动添加橘黄色边框

    Chrome默认会为所有的输入框加上橘黄色的边框,虽然有时候可以使我们的网站看起来更友好,但对自定义的样式是有影响的.当鼠标点击输入框时,在谷歌chrome浏览器中,光标移到输入框时激活输入框会被加上 ...

  2. PHP数组操作——获取数组最后一个值的方法

    php开发过程中,可能经常需要对取出的数组要获取数组的最后健或值.在这里总结了三个方法,并且跟据他们三个方法在一些情况下如何使用的条件限制进行了说明. <?php $array=array(1, ...

  3. WordPress D8 主题当中截取文章首图并显示的函数

    取自 WordPress D8 主题; 路径 theme\d8\modules ; if ( ! function_exists( 'deel_thumbnail' ) ) : function de ...

  4. C#黑白棋制作~

    前些天自己复习一下C#语言 做了个黑白棋,望大家看一下,可能有些bug嘿嘿 链接如下 http://files.cnblogs.com/files/flyingjun/%E9%BB%91%E7%99% ...

  5. 本博客css style

    #navList { min-height: 60px; } #navList li { height: 60px; } #navList a { margin: 0px 5px !important ...

  6. STM32固件库

    一.STM32固件库开发和传统寄存器开发方式的区别 二.CMSIS标准 CMSIS标准--Cortex Microcontroller Software Interface Standard,是ARM ...

  7. Http 状态码详解

    状态码 含义 100 客户端应当继续发送请求.这个临时响应是用来通知客户端它的部分请求已经被服务器接收,且仍未被拒绝.客户端应当继续发送请求的剩余部分,或者如果请求已经完成,忽略这个响应.服务器必须在 ...

  8. UI控件切圆角

    1. xib下设置View圆角 这个很简单, 只需要重写  - (void)drawRect:(CGRect)rect 方法就行了 1 2 3 4 5 6 - (void)drawRect:(CGRe ...

  9. uva 812 Trade on Verweggistan

    题意: 给w个货架, 每个货架上有bi个货物, 每次只能拿最上面的货物, 每个货物有个价值, 所有货物的售价均为10. 问:能获得的最大利润, 以及能获得这个利润需要多少个货物. (有多种组合时只需输 ...

  10. 关于回波损耗 和 驻波比的摘要 Return Loss and VSWR

    关于回波损耗 和 驻波比的摘要 以下摘自:http://www.soontai.com/cal_rtvswr.html RL = 20log((VSWR+1) / (VSWR-1)) VSWR = ( ...