On 07/16/2017 11:26 PM, Patrick Ohly wrote:
> On Fri, 2017-07-14 at 19:11 -0700, California Sullivan wrote:
>> I'm not sure why I never tried just signing the kernel and systemd-boot,
>> but it works. If either one is not signed, it causes a security
>> violation error.
>>
>> A con of this implementation is that unlike the combo app, we don't
>> inherently validate the initrd. In the future we could require that
>> an initrd is not used with secure boot unless the combo app is chosen.
>
> A lot of functionality in refkit (and elsewhere) depends on an
> initramfs, like setting up dm-verity, dm-crypt/LUKS and OSTree. I
> consider not supporting an initramfs a deal breaker. It might be good
> enough for some systems, but I'm not sure about that.

I misspoke a bit in my message here. The combo app essentially uses an initramfs built into the kernel rather than an initrd, and such a thing should still work with this method (via INITRAMFS_IMAGE_BUNDLE and INITRAMFS_IMAGE variables). A separate initrd (like what you see when using an hddimg with a normal bootloader) would not be secure, and might be something to not allow when secure boot is enabled.

---
Cal
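
The distinction drawn in the reply above can be checked mechanically before an image is signed. The following is an added example, not code from the thread or from meta-intel: a small Python check that reads BitBake-style configuration text and reports whether the initramfs is bundled into the kernel (and so covered by the kernel's signature) or left as a separate file. The function names, the simplified assignment parsing (no includes, overrides or appends) and the sample configuration are assumptions made for illustration.

```python
import re

# Simplified BitBake assignment forms: VAR = "v", VAR := "v", VAR ?= "v", VAR ??= "v"
_ASSIGN = re.compile(r'^\s*([A-Za-z0-9_]+)\s*(\?\?=|\?=|:=|=)\s*"([^"]*)"\s*$')

def parse_conf(text):
    """Resolve plain assignments; includes, overrides and appends are ignored."""
    hard, weak = {}, {}
    for line in text.splitlines():
        if line.lstrip().startswith("#"):
            continue  # commented-out settings do not count
        m = _ASSIGN.match(line)
        if not m:
            continue
        name, op, value = m.groups()
        if op in ("=", ":="):
            hard[name] = value
        elif op == "?=":
            hard.setdefault(name, value)  # only takes effect if not yet set
        else:
            weak[name] = value  # ??= is a weak default, used only as a fallback
    return {**weak, **hard}

def initramfs_coverage(text):
    """Classify how the initramfs relates to the signed kernel image.

    'bundled'  : initramfs is built into the kernel, so the kernel signature covers it
    'separate' : an initramfs image is configured but not bundled (not covered)
    'none'     : no initramfs image is configured
    """
    conf = parse_conf(text)
    if not conf.get("INITRAMFS_IMAGE"):
        return "none"
    return "bundled" if conf.get("INITRAMFS_IMAGE_BUNDLE") == "1" else "separate"

# Constructed sample configuration (image name is a placeholder)
SAMPLE_BUNDLED = '''
# secure boot build: initramfs goes inside the kernel image
INITRAMFS_IMAGE = "example-initramfs-image"
INITRAMFS_IMAGE_BUNDLE = "1"
'''

if __name__ == "__main__":
    print(initramfs_coverage(SAMPLE_BUNDLED))
```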