Friday, May 24, 2013

Making UEFI Secure Boot work for Linux

by Matthew Garrett (Nebula)

Friday, 24.05.2013, London II, 12:30-13:30 Uhr

Microsoft's imposition of UEFI Secure Boot on the consumer PC market threatened to make it either difficult or impossible for end users to install Linux on new hardware. Over 18 months later, we're still here. How did the Linux community find solutions that made it possible to ship Linux without locking out community distributions, breaching licenses or overly limiting freedoms?

This presentation will provide a technical discussion of what UEFI Secure Boot is and the approaches that have been taken to mitigating the problems it causes, including a description of the development process that led to the solutions we ship today. It'll also cover the difficulties involved in working with the "upstream" UEFI community of hardware and firmware vendors, including some insight into how the efforts of Linux developers have helped shape new versions of the UEFI specification.

About the author Matthew Garrett:

Matthew Garrett has been working on improving Linux compatibility with PC firmware for almost 10 years. Formerly at Red Hat, he now works on cloud hardware security at Nebula.