Secure boot and opensuse

There has been some discussion of secure boot in various forums on the internet.  The basic idea is that newer hardware, with a UEFI partition, allows secure boot.  With secure boot, an operating system will not be allowed to boot unless it has a verifiable digital signature.

Related to this, Microsoft has insisted that it won’t certify hardware for use with Windows 8 unless it supports secure boot.  Some have seen this as a diabolical scheme by Microsoft to assert monopoly control and lock out the use of Linux.  Other, calmer minds have suggested that maybe secure boot is actually a good idea, even for Linux, and that open source software users should be looking for ways to use secure boot instead of opening up a new front in the operating system religious wars.

In the unix world, Ubuntu and Fedora have both announced plans for how they intend to handle the situation.  And now SUSE has stepped up and announced its plans.  It looks like the best plan yet, and will probably apply to both openSUSE and enterprise SUSE.

Some links:

The SUSE blog announcement: SUSE and Secure Boot: The Details

The opensuse forum announcement and discussion: SUSE details its Secure Boot plans

A quick overview

This may be a little oversimplified.

The secure boot operations in the computer would load a signed shim.  Here a shim is, in essence, a small preloader: a program that runs before the operating system loader.

The shim in turn will verify the signature on the grub2 loader, then start grub2.

Next, grub2 will access additional signing keys on disk, and use those to verify the signature on the kernel that it loads to start Linux.

With this arrangement, only the shim needs to be signed with a key known to the computer hardware/firmware.  In the SUSE plans, SUSE will take care of getting the shim suitably signed.  The shim will itself then recognize signing keys built into the shim, and use those to verify the grub2 loader.  The next step, where grub2 accesses a pool of signing keys on disk, is what gives the system its flexibility.  If you want to compile your own kernel, you can create your own signing key and add it to that disk pool of signing keys.

At least, that is my current understanding.
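The chain described above, modelled as an added example (not code from SUSE or from the original post): each stage verifies only the next one, and the keys built into the shim are covered by the shim's own signature while the disk pool can be extended. Lamport one-time hash signatures stand in for the real signature format, and every name (`boot`, `shim_blob`, `disk_pool`) and image is constructed for illustration.

```python
import hashlib, os

def H(b): return hashlib.sha256(b).digest()

def keygen():
    # Lamport one-time key: 256 secret pairs; the public key is their hashes.
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    return sk, tuple((H(a), H(b)) for a, b in sk)

def bits(image):
    d = H(image)
    return [(d[i // 8] >> (i % 8)) & 1 for i in range(256)]

def sign(sk, image):
    return [sk[i][b] for i, b in enumerate(bits(image))]

def trusted(image, sig, keys):
    return len(sig) == 256 and any(  # any key in the trust store may validate
        all(H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits(image))))
        for pk in keys)

def shim_blob(shim):
    # Keys built into the shim are part of the bytes its signature covers.
    return shim["code"] + b"".join(a + b for pk in shim["keys"] for a, b in pk)

def boot(firmware_keys, shim, grub, kernel, disk_pool):
    # Each stage verifies only the next one and names itself if it refuses.
    if not trusted(shim_blob(shim), shim["sig"], firmware_keys):
        return "firmware rejected shim"
    if not trusted(grub["image"], grub["sig"], shim["keys"]):
        return "shim rejected grub2"
    if not trusted(kernel["image"], kernel["sig"], disk_pool):
        return "grub2 rejected kernel"
    return "booted"

def demo():
    # Constructed keys and images, for illustration only.
    (fw_sk, fw), (grub_sk, grub_pk), (dist_sk, dist), (my_sk, mine) = (
        keygen() for _ in range(4))
    shim = {"code": b"shim", "keys": [grub_pk]}
    shim["sig"] = sign(fw_sk, shim_blob(shim))
    grub = {"image": b"grub2", "sig": sign(grub_sk, b"grub2")}
    stock = {"image": b"distro kernel", "sig": sign(dist_sk, b"distro kernel")}
    custom = {"image": b"my kernel", "sig": sign(my_sk, b"my kernel")}
    return [boot([fw], shim, grub, stock, [dist]),
            boot([fw], shim, dict(grub, image=b"grub2 modified"), stock, [dist]),
            boot([fw], dict(shim, keys=[mine]), grub, stock, [dist]),
            boot([fw], shim, grub, custom, [dist]),
            boot([fw], shim, grub, custom, [dist, mine])]
```

`demo()` runs five boots in order: the stock chain, a modified grub2, a shim whose embedded key was swapped, a self-compiled kernel before its key is in the disk pool, and the same kernel after the key is added.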


About Neil Rickert

Retired mathematician and computer scientist who dabbles in cognitive science.

2 responses to “Secure boot and opensuse”

  1. Cae says :

    Take a look at security that’s supposed to “protect” the likes of Xbox, iPhones etc, and ask ourselves how effective are they.

    If one thinks that they are effective, then maybe yes, the secure boot thingy may work.

    If one thinks that Xbox had been cracked and iPhones had been jailbroken, then no, the secure boot is just another hindrance to benefit the manufacturer at the expense of the users.

    A look at Microsoft’s history with security matters, I’m not too encouraged.

    However, it does guarantee a higher entry point (more confusion) for new users to opensource OS.

    Also smaller opensource OS may be sidelined because they are unable to find an easy way to enter the secure boot arrangement. New (sub-distro) entrants will definitely be discouraged (and maybe that’s a good thing).
