Describe module signing and relationship to Secure Boot

author Ben Hutchings <ben@decadent.org.uk>

Sat, 10 Aug 2013 15:36:03 +0000 (17:36 +0200)

committer Ben Hutchings <ben@decadent.org.uk>

Sat, 10 Aug 2013 17:21:35 +0000 (19:21 +0200)
author Ben Hutchings <ben@decadent.org.uk>
Sat, 10 Aug 2013 15:36:03 +0000 (17:36 +0200)
committer Ben Hutchings <ben@decadent.org.uk>
Sat, 10 Aug 2013 17:21:35 +0000 (19:21 +0200)
diff --git a/index.html b/index.html

index 9d3e258a406cd81ae208f8b47ff57719475fe2f5..0713e46dc51e7ecbed681ca474caab347220e72d 100644 (file)
--- a/index.html
+++ b/index.html
@@ -165,6 +165,24 @@
    </ul>
  </div>
  
+<div class="slide">
+  <h1>Module signing [3.7]</h1>
+  <ul class="incremental">
+    <li>
+      Kernel modules can be signed at build time, and the kernel
+      configured to refuse loading unsigned modules
+    </li>
+    <li>
+      Necessary but not sufficient to implement Secure Boot -
+      we would also need signed kernel images and some other
+      restrictions when booted in this mode
+    </li>
+    <li>
+      Want to make Secure Boot work?  Come to the meeting on Tuesday
+    </li>
+  </ul>
+</div>
+
  <div class="slide">
    <h1>Questions?</h1>
  </div>
author	Ben Hutchings <ben@decadent.org.uk>
	Sat, 10 Aug 2013 15:36:03 +0000 (17:36 +0200)
committer	Ben Hutchings <ben@decadent.org.uk>
	Sat, 10 Aug 2013 17:21:35 +0000 (19:21 +0200)