Jim Fear joins Apple

I missed this, earlier this month. Wow, Apple has hired MANY great UEFI security researchers. Looking forward to seeing the results of their product.


I hope the open source project Voltron, and his EFI tools will be maintained. It seems some who join Apple are not permitted to work on open source projects.


(In vaguely-related news, last night my MacBook just self-destructed, the non-replacable battery expanded and popped the system open, knocking the trackpad out. The sausage expired. 😦

efitools now available for ARM

James Bottomley has a few new blog posts, two on efitools availability for ARM, and another on a container model for UEFI.


Constructing Architecture Emulation Containers

[…] the problem: how to build and test efitools for arm and aarch64 while not possessing any physical hardware.  The solution is to build an architecture emulation container using qemu and mount namespaces such that when its entered you find yourself in your home directory but with the rest of Linux running natively (well emulated natively via qemu) as a new architecture.  […] However, there’s a problem here: the installed binary emulator usually runs as /usr/bin/qemu-${arch}, so if you’re running a full operating system container, you can’t install any package that would overwrite that.  Unfortunately for me, the openSUSE Build Service package osc requires qemu-linux-user and would cause the overwrite of the emulator and the failure of the container.  The solution to this was to bind mount the required emulator into the / directory, where it wouldn’t be overwritten and to adjust the binfmt_misc paths accordingly. […]