Commit 7bea7cb1 authored by intrigeri's avatar intrigeri
Browse files

Secure Boot: add links and reorganize.

parent 3eace165
......@@ -16,28 +16,34 @@ relatively easy.
Resources
=========
* Debian's Secure Boot support will be done for GRUB first, unclear if
other bootloaders will be supported
* Debian's [[!debwiki SecureBoot desc="Secure Boot support"]] will be
done for GRUB first, unclear if other bootloaders will be supported
- tracker bug: [[!debbug 820036]]
- shim is [[!debpts shim-signed desc="in Debian"]] (signed by the
Microsoft UEFI CA) but grub2-signed is not ([[!debbug 820050 desc="RFP bug"]]).
* How other distros do it:
- [Ubuntu](https://wiki.ubuntu.com/UEFI/SecureBoot)
- [ArchLinux](https://wiki.archlinux.org/index.php/Secure_Boot)
- [Fedora](https://fedoraproject.org/wiki/Features/SecureBoot)
- [ALT Linux' SecureBoot mini HOWTO](http://en.altlinux.org/UEFI_SecureBoot_mini-HOWTO) and
[their](http://git.altlinux.org/people/mike/packages/?p=mkimage.git;a=blob;f=tools/mki-copy-efiboot;h=1ca6b0137c7488ae50540b027cf4a541074daba5;hb=HEAD)
[scripts](http://git.altlinux.org/people/mike/packages/?p=mkimage.git;a=blob;f=tools/mki-pack-isoboot;h=85ca988c6aab94e3c44e64519baf2231e39d8d24;hb=HEAD)
- [Ubuntu Privacy Remix](https://www.privacy-cd.org/)'s next release
(UPR 12.04r1) will support UEFI; a beta is available; they copied
the solution from Ubuntu 13.10 (beta): the shim bootloader and
a corresponding GRUB binary which passes secure boot. See their
[build script](https://www.privacy-cd.org/en/tutorials/build-your-own-cd/79).
* Matthew Garrett:
- [Handling UEFI Secure Boot in smaller distributions](http://mjg59.dreamwidth.org/17542.html)
- [Secure Boot bootloader for distributions available now](http://mjg59.dreamwidth.org/20303.html)
- [An overview of Fedora's Secure Boot implementation](http://mjg59.dreamwidth.org/18945.html)
- [Terse howto for getting a signed shim](http://mjg59.dreamwidth.org/20303.html?thread=783183#cmt783183)
* [Ubuntu Privacy Remix](https://www.privacy-cd.org/)'s next release
(UPR 12.04r1) will support UEFI; a beta is available; they copied
the solution from Ubuntu 13.10 (beta): the shim bootloader and
a corresponding GRUB binary which passes secure boot. See their
[build script](https://www.privacy-cd.org/en/tutorials/build-your-own-cd/79).
* [Managing EFI Boot Loaders for Linux by Rod Smith](http://www.rodsbooks.com/efi-bootloaders/index.html)
* shim is [[!debpts shim-signed desc="in Debian"]] (signed by the
Microsoft UEFI CA)
* GRUB 2.04 will support UEFI Secure Boot
* [Booting a Self-signed Linux
Kernel](http://www.kroah.com/log/blog/2013/09/02/booting-a-self-signed-linux-kernel/),
by Greg Kroah-Hartman
* Linux Foundation's
[Making UEFI Secure Boot Work With Open Platforms](http://linuxfoundation.org/publications/making-uefi-secure-boot-work-with-open-platforms)
* [ALT Linux' SecureBoot mini HOWTO](http://en.altlinux.org/UEFI_SecureBoot_mini-HOWTO) and
[their](http://git.altlinux.org/people/mike/packages/?p=mkimage.git;a=blob;f=tools/mki-copy-efiboot;h=1ca6b0137c7488ae50540b027cf4a541074daba5;hb=HEAD)
[scripts](http://git.altlinux.org/people/mike/packages/?p=mkimage.git;a=blob;f=tools/mki-pack-isoboot;h=85ca988c6aab94e3c44e64519baf2231e39d8d24;hb=HEAD)
* [Automating Secure Boot Testing](https://www.youtube.com/watch?v=qtyRR-KbXYQ):
how Red Hat does CI for Secure Boot (FOSDEM 2018)
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment