|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Xen 4.3 development update, and stock-taking
>>> On 17.01.13 at 17:43, George Dunlap <george.dunlap@xxxxxxxxxxxxx> wrote: > On 17/01/13 16:14, Jan Beulich wrote: >>>>> On 17.01.13 at 16:48, George Dunlap <george.dunlap@xxxxxxxxxxxxx> wrote: >>> * Ubuntu plans on having the shim always load a bootloader (with a more >>> full-featured menu which is under Ubuntu's control, as opposed to the >>> EFI menu, which will be different for each platform) >>> * The bootloader will load either signed or unsigned kernel images >>> * Ubuntu will still be signing their kernel images, however, because: >>> * The bootloader will turn off boot services for unsigned images, but >>> will leave boot services on for signed images, so that >> Again - Linux expects to be turning off boot services itself. So >> there's no question of the boot loader doing so. >> >> There are certain other restrictions to what a not securely boot >> can do, of course. > > How does this in any way disagree with the sentence to which you're > responding? > > Case 1: Signed linux image. Linux expects to turn boot services off -> > bootloader doesn't. > Case 2: Unsigned linux image. "Certain other restrictions" -> > bootloader turns boot services off. > > They seem 100% compatible. In a way they are - xen.efi acts as the boot loader in the Xen case. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |