-
Welcome
-
Subscribe to
Third Party Module Signing for Secure Boot
*One Line Summary
Discuss the various methods for signing and using third party modules with Secure Boot enabled.
Abstract
The kernel currently has support for signing kernel modules, which can be used to ensure that Secure Boot is not circumvented by untrusted module code. While the existing in-kernel support can be used to sign out-of-tree drivers, the environment, tooling, and support implications make this somewhat unattractive.
Discussion on how to solve this in a generic fashion would be good.
Speaker
-
Josh Boyer
Red Hat- Twitter: jwboyer19
Biography
Josh is one of the Linux kernel maintainers for the Fedora Project. He currently works for Red Hat doing the maintainer role as well as poking about in various areas of the kernel in general, including Secure Boot and PowerPC support. He resides in western Michigan.