Repository :
http://git.fedorahosted.org/git/?p=docs/uefi-secure-boot-guide.git
On branch : master
---------------------------------------------------------------
commit ee0ac10ce5b1feaf3f2726847ce74a0637bc7535
Author: Eric Christensen <echriste(a)redhat.com>
Date: Fri Jun 27 09:56:57 2014 -0400
Updated text for BZ 892673
---------------------------------------------------------------
en-US/Implementation_of_Secure_Boot.xml | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/en-US/Implementation_of_Secure_Boot.xml
b/en-US/Implementation_of_Secure_Boot.xml
index 1647d59..feb0439 100644
--- a/en-US/Implementation_of_Secure_Boot.xml
+++ b/en-US/Implementation_of_Secure_Boot.xml
@@ -1,4 +1,4 @@
-<?xml version='1.0' encoding='utf-8' ?>
+
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "UEFI_Secure_Boot_Guide.ent">
%BOOK_ENTITIES;
@@ -188,6 +188,7 @@ in Secure Boot mode, which will cause several things to be true:
<member>it will validate the boot command line to only allow certain kernel
settings</member>
<member>it will check modules at load time for signatures and refuse to load
them if they are unsigned or signed with a signature not found in the UEFI key store
variables (see note)</member>
<member>it will refuse any operations from userland which cause userland-defined
DMA.</member>
+ <member>disable support for hibernate/suspend-to-disk, and other features which
would allow executing arbitrary code in kernel mode (even for the root
user).</member>
</simplelist>
</para>
<para>