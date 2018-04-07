Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Torvalds Opposes Tying UEFI Secure Boot to Kernel Lockdown Mode (phoronix.com) 12

Posted by EditorDavid from the kernel-mustered dept.
An anonymous reader quotes Phoronix: The kernel lockdown feature further restricts access to the kernel by user-space with what can be accessed or modified... Pairing that with UEFI SecureBoot unconditionally is meeting some resistance by Linus Torvalds. The goal of kernel lockdown, which Linus Torvalds doesn't have a problem with at all, comes down to "prevent both direct and indirect access to a running kernel image, attempting to protect against unauthorised modification of the kernel image and to prevent access to security and cryptographic data located in kernel memory, whilst still permitting driver modules to be loaded." But what has the Linux kernel creator upset with are developers trying to pair this unconditionally with UEFI SecureBoot. Linus describes Secure Boot as being "pushed in your face by people with an agenda." But his real problem is that Secure Boot would then imply Kernel Lockdown mode... "Tying these things magically together IS A BAD IDEA."

  • Essentially (Score:3)

    by 110010001000 ( 697113 ) on Saturday April 07, 2018 @06:11PM (#56399089) Homepage Journal
    Essentially what the corporations want is for people to only user the Internet via locked down ("approved" or "secure" devices). These devices will only have cloud based storage available and everything will be streamed from servers and the consumer will only need to pay a monthly fee for all this goodness. If you don't think this will happen, think of the children, or the terrorists, or the terrorist children, or security, or whatever the problem is this week.

  • Trump will be tied to a prison toilet (Score:1)

    by Anonymous Coward

    because he's full of shit and that's where he belongs.

  • Thanks for the summary (Score:1)

    by Anonymous Coward

    What does any of this mean?

    • Kernel Lockdown protects the kernel.

      Secure Boot protects against malware and malicious hardware, as well as teenagers with Linux on USB thumb drives bypassing security altogether.

      Together they are supposed to make it impossible to bypass or break the core things, which is supposed to make a computer more secure.

      Of course adding security breaks things. Such as open source drivers for hardware for which drivers do not exist. Which means that those needing exemptions to the security will lose both, not

