So, I was backporting the latest 4.19.16 kernel from Sid, and happened to look through the Debian lockdown set of patches for Secure Boot. They
A: disable hibernation, since there is currently no way to sign the hibernated image. I like hibernating!
B: disable Intel CPU undervolting by disabling writes to the MSR registers, which would also be a big loss to me.
C: disable loading of unsigned kernel driver modules, which we already knew. That cuts out those users that need to build their own wi-fi, etc. drivers from source if the driver's not in the kernel.
D: But adds a magic key combo "SysRq + x" to turn off lockdown, if I read the patch right.
Secure Boot is being tested on Debian Sid [News]
Re: Secure Boot is being tested on Debian Sid [News]
So based on post #11 by Stevo it looks like a failure. I will continue in Legacy mode.
I am command line illiterate. I copy & paste to the terminal. Liars, Wiseguys, Trolls, and those without manners will be added to my ignore list.
Re: Secure Boot is being tested on Debian Sid [News]
... It's too early, for me, to have prejudices, goods or bads ... wait and see ...
Pour les nouveaux utilisateurs: Alt+F1 pour le manuel, ou FAQS, MX MANUEL, et Conseils Debian - Info. système “quick-system-info-mx” (QSI) ... Ici: System: MX-19_x64 & antiX19_x32
Re: Secure Boot is being tested on Debian Sid [News]
I have Secure Boot disabled, but am running fine with UEFI on two machines. No Legacy mode required here.
Re: Secure Boot is being tested on Debian Sid [News]
Same here...UEFI works fine without Secure Boot.
Asus Prime X570-Pro | AMD Ryzen 7 3700X
16 Gig DDR4 3600 | Radeon RX 5600 XT Graphics
Samsung 860 500GB SSDs (2)