Tux Machines

Poettering Locking Down Linux... for Microsoft (UPDATED)

Posted by Roy Schestowitz on Oct 25, 2022,

updated Oct 29, 2022

=> Videos: Geary, GNOME File Picker, SpiralLinux, and More | Canonical/Ubuntu: Kernel Update, Mesa Stacks, Ubuntu Review, and More

Poettering: Brave new trusted boot world

=> ↺ Poettering: Brave new trusted boot world

This work is evidently the first in a series that will come out of the newly formed Linux Userspace API Group.

Lennart Poettering Talks Up A "Brave New Trusted Boot World" For Linux - Phoronix

=> ↺ Lennart Poettering Talks Up A "Brave New Trusted Boot World" For Linux - Phoronix

Envisioned is having a fully-signed and fully-measured execution path, rollback protections, more simple and robust updates, remote attestation, and built around TPM 2.0 functionality - among other considerations.

Brave New Trusted Boot World

=> ↺ Brave New Trusted Boot World

UPDATE

Systemd supremo proposes tightening up Linux boot process • The Register

=> ↺ Systemd supremo proposes tightening up Linux boot process • The Register

Lennart Poettering's latest blog post proposes moving the Linux boot process into a "Brave New Trusted Boot World" of cryptographically signed Unified Kernel Images.
Agent Poettering offers a mechanism for tightening up the security of the system startup process on Linux machines, using TPM 2.0 hardware. In brief, what he sees as the problem is that on hardware with Secure Boot enabled, while the boot process up to and including the kernel is signed, the next step, loading the initrd, is not. That's what he wants to fix.

Late coverage:

Linux's boot needs a better RAM [Ed: Microsoft saboteur, not "Linux expert"]

=> ↺ Linux's boot needs a better RAM | ↺ Microsoft saboteur, not "Linux expert"

Linux expert Lennart Poettering is suggesting that Linux's boot process needs an upgrade by making changes to the initial RAM disk.
Poettering has been tinkering with a mechanism for tightening up the security of the system startup process on Linux machines, using TPM 2.0 hardware. What he thinks is the problem is loading the initrd.
For those not in the know, the initrd is the "initial RAM disk" and it allows Linux distributions to boot on different hardware without needing a custom kernel for every individual machine.
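To make the gap the excerpts describe concrete, here is an added Python model; it is not code from systemd, from Poettering's post, or from any of the outlets quoted above. It assumes a few stand-ins so it runs offline with only the standard library: the "signature" is an HMAC in place of the Authenticode signature that Secure Boot actually checks, the unified kernel image is a length-prefixed concatenation rather than a real PE file, and the kernel, initrd, command line and signing key are constructed bytes. The PCR arithmetic is the real TPM 2.0 extend rule (new PCR = SHA-256(old PCR || SHA-256(event))).

```python
"""Model of the split-boot gap versus a signed, measured unified kernel image.

Constructed example, not systemd code. HMAC stands in for Authenticode;
the UKI is a plain concatenation, not a PE binary; all images are fake.
"""
import hashlib
import hmac

ZERO_PCR = bytes(32)  # boot-measurement PCRs start at all zeros

# Constructed sample artefacts (not real images or keys).
KERNEL = b"vmlinuz: constructed kernel bytes"
INITRD = b"initrd: constructed cpio archive"
CMDLINE = b"root=/dev/mapper/root rd.luks=1"
DISTRO_KEY = b"constructed-distro-signing-key"  # stands in for the distro's Secure Boot key


def sign(key: bytes, blob: bytes) -> bytes:
    """Stand-in for an Authenticode signature (HMAC-SHA256 here)."""
    return hmac.new(key, blob, hashlib.sha256).digest()


def verify(key: bytes, blob: bytes, sig: bytes) -> bool:
    """Constant-time check of the stand-in signature."""
    return hmac.compare_digest(sign(key, blob), sig)


def pcr_extend(pcr: bytes, event: bytes) -> bytes:
    """TPM 2.0 extend: new PCR = SHA-256(old PCR || SHA-256(event))."""
    return hashlib.sha256(pcr + hashlib.sha256(event).digest()).digest()


def measure_boot(kernel: bytes, initrd: bytes, cmdline: bytes) -> bytes:
    """Extend one PCR with every boot component, in boot order."""
    pcr = ZERO_PCR
    for event in (kernel, initrd, cmdline):
        pcr = pcr_extend(pcr, event)
    return pcr


def classic_secure_boot_ok(kernel: bytes, kernel_sig: bytes,
                           initrd: bytes, cmdline: bytes) -> bool:
    """Classic split boot: firmware/shim verify only the kernel image.
    The initrd and command line are loaded afterwards and never checked,
    which is why they are accepted here without being looked at."""
    return verify(DISTRO_KEY, kernel, kernel_sig)


def build_uki(kernel: bytes, initrd: bytes, cmdline: bytes) -> bytes:
    """Unified kernel image: one blob carrying kernel, initrd and cmdline.
    Length-prefixed so no component can be re-split ambiguously."""
    blob = b""
    for section in (kernel, initrd, cmdline):
        blob += len(section).to_bytes(4, "big") + section
    return blob


def uki_secure_boot_ok(uki: bytes, uki_sig: bytes) -> bool:
    """UKI boot: the single signature covers all three components."""
    return verify(DISTRO_KEY, uki, uki_sig)


def demo() -> dict:
    """Run the four checks a practitioner would want to see."""
    kernel_sig = sign(DISTRO_KEY, KERNEL)
    uki_sig = sign(DISTRO_KEY, build_uki(KERNEL, INITRD, CMDLINE))

    # Someone with write access to /boot swaps the initrd (constructed payload).
    evil_initrd = INITRD + b"; hook that captures the LUKS passphrase"

    return {
        "classic_accepts_tampered_initrd":
            classic_secure_boot_ok(KERNEL, kernel_sig, evil_initrd, CMDLINE),
        "uki_accepts_tampered_initrd":
            uki_secure_boot_ok(build_uki(KERNEL, evil_initrd, CMDLINE), uki_sig),
        "pcr_changes_when_initrd_changes":
            measure_boot(KERNEL, INITRD, CMDLINE)
            != measure_boot(KERNEL, evil_initrd, CMDLINE),
        "pcr_is_reproducible":
            measure_boot(KERNEL, INITRD, CMDLINE)
            == measure_boot(KERNEL, INITRD, CMDLINE),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The first two results are the whole argument of the excerpts: with a split kernel and initrd, the signature check passes even though the initrd was replaced; with everything inside one signed image, the same swap fails verification. The last two results show the measured side: because each component is extended into the PCR in order, any change to the initrd yields a different PCR value, which is what lets a TPM-sealed secret or a remote attester tell a known-good boot from a tampered one, while an unchanged boot reproduces the same value every time.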

Original URL
gemini://gemini.tuxmachines.org/n/2022/10/25/Poettering_Locking_Down_Linux_for_Microsoft.gmi