/srv/irclogs.ubuntu.com/2015/04/09/#ubuntu-arm.txt

=== chihchun_afk is now known as chihchun
MeanderingCodehello all.  i'm wondering: is there such thing as a bootable image for armv7 (tegra 3) with a "secure boot" signed bootloader?09:12
MeanderingCodebecause, well, that would make my day09:12
MeanderingCodeor my month :)09:12
=== mrutland_ is now known as mrutland
bothAre there any ARM beginners here?11:39
=== wookey_ is now known as wookey
=== chihchun is now known as chihchun_afk
MeanderingCodeanyone up for my previous question?20:31
k1l_MeanderingCode: best is to ask the community around that device to get to know what to do21:16
MeanderingCodek1l_: there is no community around the device :)21:27
k1l_MeanderingCode: its not like on the desktop where we have one .iso and generic drivers for all sort of hardware.21:28
MeanderingCodek1l_: i've been gathering that, from reading yesterday.  but, there must be a bootloader, yes?21:29
MeanderingCodeand with it, one could make a bootable USB21:29
MeanderingCode*bootloader, or this "Shim" thing i've read about w/ secure boot signed x86 bootloaders21:30
k1l_so you got a locked bootloader on that device?21:31
MeanderingCodeit's a surface rt, tegra 3 processor...the UEFI is locked to secure boot.  it will boot from USB, but it would have to be a signed bootloader for the uefi secure boot to load any code21:32
MeanderingCode*and i know no one is working on it, and no one cares, and it's considered a dead end/lost cause, but i have inherited one and (if there is a signed shim or bootloader for armv7), there is really no reason it couldn't run linux for arm21:33
k1l_iirc the microsoft tablets are locked bootloaders and you cant sign a kernel because you dont get the microsoft key21:34
k1l_see http://forum.xda-developers.com/showthread.php?t=265539821:35
MeanderingCodek1l_: yes, i've read that.  essentially (before it spun off into exploit and bootstrapping), one person said they thought they recalled that there were no signed bootloaders/kernels for linux on arm.  there is on x86, and that's one of the 2 or 3 unauthoritative places i've seen that statement made, which is why i thought i'd ask here about secure boot signed arm bootloaders/shim21:41
k1l_MeanderingCode: secureboot on pc (x86) is a total other business than arm for microsoft.21:42
k1l_on arm its locked by default21:42
MeanderingCodei realize that.21:43
k1l_so it will not help that its different on x86 as long as there are no keys for arm.21:43
MeanderingCodeare you saying that you know there are no signed linux bootloaders for arm, or that it is different21:43
MeanderingCodebecause i already know that it is different21:43
k1l_which microsoft made because to save their business for arm.21:43
k1l_microsoft demands locked bootloaders if the device ships microsoft windows.21:44
k1l_(on arm)21:44
k1l_MeanderingCode: the setup on most arm is: hardcoded bootloader which either boots only signed kernels or could be opened to boot even unsigned kernels. for microsoft shiping devices microsoft demands to only boot microsoft signed kernels.21:49
k1l_i am not aware of a method to evade that hardcoded bootloaders. even on devices that ship android (linux kernel) they could not break that but used other methods like kexec to boot another unsigned kernel after the original signed kernel was booted. but i am not aware that works with microsoft.21:50
k1l_that is why you should ask the surface community, because they will know best on the specific setup of that device.21:51
MeanderingCodek1l_: thanks for all the insight.  maybe i'll dig futher to see if anyone's done it, or maybe i'll just give it to my kids to play games when out and about :)22:12

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!