**** BEGIN LOGGING AT Thu Apr 09 02:59:58 2015 Apr 09 09:12:20 hello all. i'm wondering: is there such thing as a bootable image for armv7 (tegra 3) with a "secure boot" signed bootloader? Apr 09 09:12:28 because, well, that would make my day Apr 09 09:12:34 or my month :) Apr 09 11:39:29 Are there any ARM beginners here? Apr 09 20:31:15 anyone up for my previous question? Apr 09 21:16:44 MeanderingCode: best is to ask the community around that device to get to know what to do Apr 09 21:27:42 k1l_: there is no community around the device :) Apr 09 21:28:42 MeanderingCode: its not like on the desktop where we have one .iso and generic drivers for all sort of hardware. Apr 09 21:29:23 k1l_: i've been gathering that, from reading yesterday. but, there must be a bootloader, yes? Apr 09 21:29:43 and with it, one could make a bootable USB Apr 09 21:30:19 *bootloader, or this "Shim" thing i've read about w/ secure boot signed x86 bootloaders Apr 09 21:31:03 so you got a locked bootloader on that device? Apr 09 21:32:34 it's a surface rt, tegra 3 processor...the UEFI is locked to secure boot. it will boot from USB, but it would have to be a signed bootloader for the uefi secure boot to load any code Apr 09 21:33:32 *and i know no one is working on it, and no one cares, and it's considered a dead end/lost cause, but i have inherited one and (if there is a signed shim or bootloader for armv7), there is really no reason it couldn't run linux for arm Apr 09 21:34:28 iirc the microsoft tablets are locked bootloaders and you cant sign a kernel because you dont get the microsoft key Apr 09 21:35:40 see http://forum.xda-developers.com/showthread.php?t=2655398 Apr 09 21:41:22 k1l_: yes, i've read that. essentially (before it spun off into exploit and bootstrapping), one person said they thought they recalled that there were no signed bootloaders/kernels for linux on arm. there is on x86, and that's one of the 2 or 3 unauthoritative places i've seen that statement made, which is why i thought i'd ask here about secure boot signed arm bootloaders/shim Apr 09 21:42:31 MeanderingCode: secureboot on pc (x86) is a total other business than arm for microsoft. Apr 09 21:42:42 on arm its locked by default Apr 09 21:43:05 i realize that. Apr 09 21:43:35 so it will not help that its different on x86 as long as there are no keys for arm. Apr 09 21:43:43 are you saying that you know there are no signed linux bootloaders for arm, or that it is different Apr 09 21:43:50 because i already know that it is different Apr 09 21:43:53 which microsoft made because to save their business for arm. Apr 09 21:44:26 microsoft demands locked bootloaders if the device ships microsoft windows. Apr 09 21:44:31 (on arm) Apr 09 21:49:26 MeanderingCode: the setup on most arm is: hardcoded bootloader which either boots only signed kernels or could be opened to boot even unsigned kernels. for microsoft shiping devices microsoft demands to only boot microsoft signed kernels. Apr 09 21:50:57 i am not aware of a method to evade that hardcoded bootloaders. even on devices that ship android (linux kernel) they could not break that but used other methods like kexec to boot another unsigned kernel after the original signed kernel was booted. but i am not aware that works with microsoft. Apr 09 21:51:37 that is why you should ask the surface community, because they will know best on the specific setup of that device. Apr 09 22:12:27 k1l_: thanks for all the insight. maybe i'll dig futher to see if anyone's done it, or maybe i'll just give it to my kids to play games when out and about :) **** ENDING LOGGING AT Fri Apr 10 02:59:59 2015