blob: a18f600991e4062d7db1dd73ce4ebe6aed924e26 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
Hardening startimage:
- Don't allow non-participating bootloaders/kernels to call
ExitBootServices(), but trap in StartImage() so we can let them do
that.
Versioned protocol:
- Make shim and the bootloaders using it express how enlightened they
are to one another, so we can stop earlier without tricks like
the one above
MokListRT containing shim key:
- MokListRT has to contain the shim key...
MokListRT signing:
- For kexec and hybernate to work right, MokListRT probably needs to
be an authenticated variable. It's probable this needs to be done
in the kernel boot stub instead, just because it'll need an
ephemeral key to be generated, and that means we need some entropy
to build up.
Better ui:
- Gary Lin at SuSE is working on better UI for MokManager. It
desperately needs it.
James's modification:
- We're merging James Bottomley's hack to make shim use unpublished
system crypto services, as a compile time option.
New security protocol:
- TBD
kexec MoK Management:
Modsign enforcement mgmt MoK:
- This is part of the plan for SecureBoot patches. Basically these
features need to be disableable/enableable in MokManager.
Variable for debug:
- basically we need to be able to set a UEFI variable and get debug
output.
Db key mokutil config:
- Asked for by Mimi Zohar: An (on/off) option that would prevent the shim
and the kernel from trusting keys listed in 'db' and only use those coming
from the MOK List.
Hashing of option roms:
- hash option roms and add them to MokListRT
- probably belongs in MokManager
|
