[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: UEFI secure boot

From: Dennis Wassenberg
Subject: Re: UEFI secure boot
Date: Fri, 17 Feb 2017 09:17:02 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0

Hi, Daniel,

On 16.02.2017 23:03, Daniel Kiper wrote:
> On Thu, Feb 16, 2017 at 09:21:19AM +0100, Dennis Wassenberg wrote:
>> Hi all,
>> I have a question regarding grub2 in relation with UEFI secure boot. I
>> do use a grub2 efi binary which is signed with sbsigntools. If the grub2
>> starts I think there is in general no information about that the grub2
>> is booted in secure boot environment.
> Why do you need that?
Just to show that it is booted in secure mode. In general there are only
a few devices which shows at the beginning that secureboot is active. So
maybe it makes sense to show it at the booted efi application. If a user
is interested in knowing if it is active or not he has to enter the
Setup. In case of Lenovo there it is not shown directly if secureboot is
active or not. At the secureboot tab there is shown that secureboot is
enabled or not and if secureboot is in custom mode or setup mode. I
believe that not every user known what this means. Thats why I think a
hint if secureboot is currently active or not would make sense.
>> Is there a possibility to show that in grub2? I found no way to do that.
> If there is an use case why not.
Would this be a use case?
>> Are you interested in having the possibility to show the uefi secure
>> boot status (e.g. EFI variable secureboot)?
> I am going to work on shim protocol verification for Multiboot2
> compatible images. I hope that it will be taken into GRUB2 2.03.
Ah ok.
> Daniel

Thank you for your response.

Best regards,
> _______________________________________________
> Grub-devel mailing list
> address@hidden

reply via email to

[Prev in Thread] Current Thread [Next in Thread]