Bug 869627 - grub2: does not actually disable external module loading in Secure Boot mode
grub2: does not actually disable external module loading in Secure Boot mode
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: grub2 (Show other bugs)
18
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Peter Jones
Fedora Extras Quality Assurance
:
Depends On:
Blocks: 869613
  Show dependency treegraph
 
Reported: 2012-10-24 08:41 EDT by Florian Weimer
Modified: 2012-10-24 09:39 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-10-24 09:39:41 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Florian Weimer 2012-10-24 08:41:45 EDT
When Secure Boot mode is enabled, only the "insmod" command is disabled, the module loading infrastructure in the background is still active.  Loading external modules must be disabled reliably in Secure Boot mode.
Comment 1 Mads Kiilerich 2012-10-24 09:17:25 EDT
That should be handled by recent changes. Or is the point that it still isn't handled correctly?

Which package version do the comment apply to?
Comment 2 Florian Weimer 2012-10-24 09:33:27 EDT
(In reply to comment #1)
> That should be handled by recent changes. Or is the point that it still
> isn't handled correctly?
> 
> Which package version do the comment apply to?

This was with grub2-2.00-9.fc18.  The most recent changes should indeed plug this hole.
Comment 3 Mads Kiilerich 2012-10-24 09:36:22 EDT
So this should be closed again as CURRENTRELEASE / NEXTRELEASE / RAWHIDE?
Comment 4 Florian Weimer 2012-10-24 09:39:41 EDT
(In reply to comment #3)
> So this should be closed again as CURRENTRELEASE / NEXTRELEASE / RAWHIDE?

Yes, closing.

Note You need to log in before you can comment on or make changes to this bug.