Announcement

Collapse
No announcement yet.

Fedora Will End Up Supporting The NVIDIA Driver With Secure Boot

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Fedora Will End Up Supporting The NVIDIA Driver With Secure Boot

    Phoronix: Fedora Will End Up Supporting The NVIDIA Driver With Secure Boot

    Installing the NVIDIA proprietary graphics driver stack on Fedora currently doesn't jive with UEFI Secure Boot systems and can lead to the OS being unbootable. As such, the NVIDIA driver option was previously removed from GNOME Software. But as the NVIDIA driver is still widely sought after on Fedora by Linux gamers and those wanting to run CUDA/AI workloads especially, Fedora 41 is now cleared to roll-out NVIDIA driver support with UEFI Secure Boot integration...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite

  • #2
    This is how Ubuntu handles things. A reasonable solution, especially since NVK is still very much a new driver.

    Comment


    • #3
      Nice to see that Fedora finally joins the likes of openSUSE with seccure boot enabled nvidia drivers.

      Comment


      • #4
        Excuse me while I try in vain to find my "shocked" face concerning this matter....which like most matters is just a matter of time.

        Comment


        • #5
          Is there any reason they can't just sign the NVIDIA modules using the official Fedora key and ship them with the ISO?

          Comment


          • #6
            Originally posted by QwertyChouskie View Post
            This is how Ubuntu handles things. A reasonable solution, especially since NVK is still very much a new driver.
            Ubuntu uses precompiled kernel modules that are signed, needs no user interaction. Will allow for Secure Boot if you select third party drivers in the installer with no need for the end user to configure their BIOS which is how it should be.

            Comment


            • #7
              It's over *insert soyjak"

              Comment


              • #8
                Originally posted by AKoskovich View Post

                Ubuntu uses precompiled kernel modules that are signed, needs no user interaction. Will allow for Secure Boot if you select third party drivers in the installer with no need for the end user to configure their BIOS which is how it should be.
                Not last I tried to use the Nvidia driver with Secure Boot. Unless something changed in the past year or so, but I expect I would have seen some news item somewhere if Canonical was signing Nvidia drivers with the Linux Secure Boot key.

                Comment


                • #9
                  Originally posted by QwertyChouskie View Post

                  Not last I tried to use the Nvidia driver with Secure Boot. Unless something changed in the past year or so, but I expect I would have seen some news item somewhere if Canonical was signing Nvidia drivers with the Linux Secure Boot key.
                  Ubuntu offers both DKMS packages, and precompiled signed packages.


                  If your system uses Secure Boot (as most x86 modern systems do), your kernel will require the kernel modules to be signed. There are two (mutually exclusive) ways to achieve this.

                  Installing the pre-compiled NVIDIA modules for your kernel
                  Building your own kernel modules using the NVIDIA DKMS package
                  Last edited by AKoskovich; 16 July 2024, 07:35 PM.

                  Comment


                  • #10
                    There was no support, this proposal is just bullocks.

                    1. By default a system with an Nvidia GPU is unsuitable for Fedora (before the OS is installed there's no way to generate and import a MOK) unless secure boot is disabled in bios.
                    2. The user mustn't deal with something so complex and brittle.
                    3. If the user is somehow able to sign kernel modules, malware running on the same system will most likely be able to do the same which will render secure boot void and null.

                    Fedora is 100% capable of signing the Nvidia driver themselves, they are just not willing to.

                    Another day when Linux loses in a major way.

                    Comment

                    Working...
                    X