Fedora ARM and SecureBoot

Matthew Garrett mjg59 at srcf.ucam.org
Thu Jun 7 19:25:40 UTC 2012

On Thu, Jun 07, 2012 at 01:14:57PM -0400, Przemek Klosowski wrote:
> What is Fedora ARM planning to do about the upcoming Microsoft
> hardware certification spec requiring Secure Boot? By the spec,
> there must be a way to disable it on x86, but on ARM they expressly
> prohibit turning it off. I guess the current Fedora/RedHat stance,
> as explained by Matthew Garrett, is to obtain a MS certificate
> covering x86 and presumably ARM kernels from Fedora, but this
> doesn't help respins and mods and even custom kernels---more likely
> on ARM because of the its relative newness and faster pace of
> development.

I (personally) have no desire to support scenarios where it's impossible 
for the user to install their own keys, so I have no intention of 
working on this. It's technically possible, but I think it's 
incompatible with Fedora's goals.

Matthew Garrett | mjg59 at srcf.ucam.org

More information about the devel mailing list