Microsoft has moved to allay fears that Windows 8-certified PCs might prevent users from booting into Linux. Without mentioning the open source operating system by name, the company suggests end users will be able to disable the required "secure boot" aspect of the Unified Extensible Firmware Interface (UEFI) if they really want to.
Microsoft cheered Windows users earlier this month when it demonstrated the upcoming Windows 8 operating system booting in eight seconds. Part of the technology behind the fast boots, however, could enable Microsoft and its PC vendor partners to block users from loading Linux on a Windows 8 PC, Matthew Garrett, a mobile Linux developer at Red Hat, wrote in a Sept. 20 blog post.
To gain Windows 8 certification, PCs will be required to use the Unified Extensible Firmware Interface (UEFI) in revision 2.3.1 or later. This firmware includes a secure boot mode, intended to block malware such as rootkit infections. When this mode is turned on, the only boot loaders that will run are those whose signatures match those stored in a database within the firmware, according to Microsoft.
Garrett charged that this mechanism could not only keep users from installing alternative operating systems such as Linux, but also prevent them from using hardware -- a new graphics card, for example -- that didn't come with appropriately signed drivers. He further complained that there is no central signing authority for the keys employed in UEFI secure boot, effectively giving each PC vendor control over what software its products can load.
In a Sept. 22 posting on the Building Windows blog, Microsoft Program Manager Tony Mangefeste responded. He writes, "At the end of the day, the customer is in control of their PC. The security that UEFI has to offer with secure boot means that most customers will have their systems protected against boot loader attacks. For the enthusiast who wants to run older operating systems, the option is there to allow you to make that decision."
Mangefeste pointed out that the Samsung tablet presented to developers at the recent BUILD conference included Microsoft-designed firmware (above) allowing secure boot to be disabled. "Microsoft does not mandate or control the settings on PC firmware that control or enable secured boot from any operating system other than Windows," he added.
In his posting, however, Mangafeste appears to admit that a given OEM could make secure boot non-defeatable if it really wanted to. He also defends the lack of a central signing authority, as follows:
Microsoft supports OEMs having the flexibility to decide who manages security certificates and how to allow customers to import and manage those certificates, and manage secure boot. We believe it is important to support this flexibility to the OEMs and to allow our customers to decide how they want to manage their systems.
"A growing trend in the evolution of malware exploits is targeting the boot path as a a preferred attack vector. This class of attack has been difficult to guard against, since antimalware products can be disabled by malicious software that prevents them from loading entirely," Mangafeste adds.
"There's no indication that Microsoft will prevent vendors from providing firmware support for disabling this feature and running unsigned code," Red Hat's Garrett admitted in his Sept. 20 blog posting. But, he added, "experience indicates that many firmware vendors and OEMs are interested in providing only the minimum of firmware functionality required for their market. It's almost certainly the case that some systems will ship with the option of disabling this."
Faced with a lock-out, Linux distributions could possibly work around the problem by providing signed versions of Linux. Due to Grub licensing issues, this would require a non-GPL boot loader, Garrett explained.
Complicating the issue further are future plans for the Linux kernel to be further integrated with the boot loader. In this case, any such workaround would also require that the kernel be signed as well, he added.
Steve Sinofsky, president of Microsoft's Windows and Windows Live division, added the following comment to Mangafeste's blog posting, again avoiding the dreaded L-word: "How secure boot works with any other operating systems is obviously a question for those OS products We focus our boot loader on Windows and there are a number of alternatives for people who wish to have other sets of functionality."
Leaving the MS-DOS era behind
In a Sept. 20 blog posting of her own on the Building Windows 8 blog, Microsoft Program Manager Billie Sue Chafins didn't address the concerns of Linux developers directly. But she did confirm that Windows 8 will "continue to support the legacy BIOS interface," and will also allow users to boot into other operating systems installed on a single machine (as pictured below).
Mentioning secure boot capabilities in passing, Chafins said UEFI is also preferable because it allows systems to "render rich graphical experiences in native resolution via the Graphic Output Protocol (GOP) driver." Instead of old-fashioned menus that look like they are from the MS-DOS era, therefore, users can configure their systems using a user interface (below) that's mouseable or touchable.
According to Chafins, Windows 8 will even make a soft keyboard available from the command prompt in Windows RE (Windows Recovery Environment) mode. Thanks to this, it will be possible to perform field repairs of devices that have no keyboard, she notes.
Source linux Devices.Com