From: FMDF <fmdefrancesco@gmail.com>
To: "Rogério Valentim Feitoza da Silva" <rogerio.silva3920@gmail.com>
Cc: Guddla Rupesh <rupeshforu3@gmail.com>,
torin@tcarey.uk, kernelnewbies <kernelnewbies@kernelnewbies.org>
Subject: Re: Exporting cpu instruction set to kernel .config file
Date: Thu, 3 Mar 2022 20:39:10 +0100 [thread overview]
Message-ID: <CAPj211s6vAg-rCzct=6nyZevFQB061e4C2t9wo-Lh-7TE8U5ng@mail.gmail.com> (raw)
In-Reply-To: <CALgyNi2MGdmjGzVnBQ+cnCg94-k3ZTeHpCik2D7HwBVtFbLLjA@mail.gmail.com>
[-- Attachment #1.1: Type: text/plain, Size: 1111 bytes --]
On Thu, 3 Mar 2022, 20:01 Rogério Valentim Feitoza da Silva, <
rogerio.silva3920@gmail.com> wrote:
Rupesh has disabled Secure Boot because the kernel that Rupesh
> compiled couldn't boot with Secure Boot enabled.
> GRUB failed to load the kernel with the message "bad shim signature"
> and the "boot" command failed with
> "you need to load the kernel first" error (because the kernel failed to
> load).
>
Ah, I understand.
This is one more reason why he shouldn't change his .config file: he has no
knowledge of how kernels are built and of how the boot process in modern PC
works :)
I mean that he shouldn't had disabled secure boot for his custom kernel.
Developers / Administrators generate their own machine owner key and enroll
them in UEFI. Then they build custom signed kernels and loadable modules,
install and boot.
Disabling secure boot just because one doesn't know how to enroll their
keys and sign kernel objects is a very dangerous thing to do.
It's easy and lots of tutorials are in the web.
Regards,
Fabio M. De Francesco
> -Rogério Valentim
>
[-- Attachment #1.2: Type: text/html, Size: 2058 bytes --]
[-- Attachment #2: Type: text/plain, Size: 170 bytes --]
_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
next prev parent reply other threads:[~2022-03-03 19:39 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-02 16:57 Exporting cpu instruction set to kernel .config file Guddla Rupesh
2022-03-03 1:05 ` FMDF
2022-03-03 1:20 ` FMDF
2022-03-03 15:21 ` Guddla Rupesh
[not found] ` <CAPj211vBPjs-rAHtjkQetzoOChHhaaPATBFfXNTmmnG0sGovVQ@mail.gmail.com>
2022-03-03 18:44 ` FMDF
2022-03-03 18:46 ` Fwd: " FMDF
2022-03-03 23:06 ` Valdis Klētnieks
[not found] ` <CALgyNi2MGdmjGzVnBQ+cnCg94-k3ZTeHpCik2D7HwBVtFbLLjA@mail.gmail.com>
2022-03-03 19:39 ` FMDF [this message]
2022-03-04 0:52 ` Rogério Valentim Feitoza da Silva
2022-03-04 11:18 ` Torin Carey
2022-03-02 17:11 Torin Carey
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAPj211s6vAg-rCzct=6nyZevFQB061e4C2t9wo-Lh-7TE8U5ng@mail.gmail.com' \
--to=fmdefrancesco@gmail.com \
--cc=kernelnewbies@kernelnewbies.org \
--cc=rogerio.silva3920@gmail.com \
--cc=rupeshforu3@gmail.com \
--cc=torin@tcarey.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.