Trusted Boot in Fedora

[Simo Sorce]

On Wed, 2011-06-22 at 14:01 -0500, Jon Ciesla wrote:
> > http://fedoraproject.org/wiki/Features/Trusted_Boot is a proposed
> > feature for F16. We've traditionally had a hard objection to the
> > functionality because it required either the distribution or downloading
> > of binary code that ran on the host CPU, but it seems that there'll
> > shortly be systems that incorporate the appropriate sinit blob in their
> > BIOS, which is a boundary we've traditionally been fine with.
> >
> > However, this is the kind of feature that has a pretty significant
> > impact on the distribution as a whole. Fesco decided that we should
> > probably have a broader discussion about the topic. The most obvious
> > issues are finding a sensible way to incorporate this into Anaconda, but
> > it's also then necessary to make sure that bootloader configuration is
> > updated appropriately.
> >
> > Outside that, is there any other impact? Does tboot perform any
> > verification of the kernels, and if so how is that configured? Is the
> > expectation that an install configured with TXT will only boot trusted
> > kernels, and if so what mechanism is used to verify the kernel? Is there
> > any further integration work that has to be performed for this to be
> > useful?
> 
> If so, is there a mechanism to disable that functionality, or mark a
> kernel as trusted, so that I could, for example, run a kernel I built
> myself or one from another RPM?

I would say that if this feature prevents users from creating their own
trusted kernels we shouldn't probably care supporting it.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York