Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

Matthew Garrett Elaborates More On Lockdown + Secure Boot Pairing

Written by Michael Larabel in Linux Kernel on 5 April 2018 at 05:29 AM EDT. 22 Comments

LINUX KERNEL

A few days back we covered the heated exchange on the kernel mailing list over the path being pursued by the Linux kernel "lockdown" patches. Those back and forth messages between Google's Matthew Garrett and Linus Torvalds have now spilled over into a blog post by Garrett.

Linus Torvalds isn't against the kernel lockdown patches, he just is against it being explicitly enabled with UEFI SecureBoot and can't be easily turned off in that scenario. Matthew Garrett has written a blog post to lay out the case for UEFI SecureBoot with the lockdown functionality.

His argument is that what distributions wants, "The reason it's integrated with UEFI secure boot is because that's the policy most distributions want, since the alternative is to enable it everywhere even when it doesn't provide real benefits but does provide additional support overhead. You can use it even if you're not using UEFI secure boot. We should have just called it securelevel."

The post in full can be read on Dreamwidth.org.

22 Comments

Related News

Linux 6.11 Is Looking Good In Early Benchmarks On AMD Ryzen Threadripper

Rust Is Ready With Robust Toolchain Handling For Linux 6.11

Linux 6.11 Lands Support For getrandom() In The vDSO

Linux 6.11 "MM" Patches Include Many Improvements, A 10x Speedup For One Optimization

XZ Patches For The Linux Kernel Updated, Drops "Jia Tan" As A Maintainer

AVX-512/AVX10 & VAES Optimized AES-GCM Implementation Lands In Linux 6.11

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

EXT4 Has A Very Nice Performance Optimization For Linux 6.11

systemd Talks Up Automatic Boot Assessment In Light Of The Crowdstrike-Microsoft Outage

XZ Patches For The Linux Kernel Updated, Drops "Jia Tan" As A Maintainer

New Linux Patches Enable The Snapdragon X1 Elite Powered Lenovo ThinkPad T14s Gen 6

KDE Developers Tackle The Five Most Common Plasma Crashes

USB & Thunderbolt Improvements Land In Linux 6.11

VirtualBox 7.1 Beta Released With Modernized GUI, Wayland Support For Clipboard Sharing

NVIDIA 560 Linux Driver Beta Released - Defaults To Open GPU Kernel Modules