> Are there any downsides though?  For example, would resume from
> hibernation still work for such a setup?

It should work with hibernation without any problems, but i did
not test this extensively.

> More so, for the less knowledgeable of us, how does this relate to
> UEFI's "Secure Boot"?  I can only hope OpenBSD will support it some
> day, at least for amd64.  Debian has implemented it for the last major
> release, Debian 10.

Secure Boot as defined by the UEFI specification works with cryptographic
signatures instead of just measuring. Meaning there is also a Chain in which
every component has to verify the Signature of the next one.

The downside of this approach is, that in order to verify any signature, you
need some keys that you trust. If your name is Microsoft, than you can get
every vendor to include your keys inside the firmware and your bootloader
can be verified. This is obviously very convenient for the user.

If you are not Microsoft and your signature key is not included in the firmware,
than users have to sign the boot components manually and add their keys to the

To sum it up. I think that SecureBoot was the right choice for Microsoft but
for FOSS the TPM approach is less hassle for the user. Also measuring can
not only be done for the executable itself, but also for the data it uses.
That way buffer overflow attacks can also be detected. The signature based
approach can not do that.

In the next few days i will write a email to misc containing a small manual
and all the source code.

Best Regards


Reply via email to