Linux Is Coming to Windows 8 PCs...Slowly
Many Linux users who tracked each step in the endless saga surrounding the Windows 8 UEFI Secure Boot scheme were highly disappointed a few weeks ago to hear that a promised workaround from The Linux Foundation is delayed. Last year, in the post "Will Windows 8 Lock Linux Out of PCs?," I discussed a Microsoft methodology for ultra-fast booting of Windows 8 PC through a specification called Unified Extensible Firmware Interface (UEFI). Linux users cried foul over it, because UEFI makes it technically possible for a hardware manufacturer to deliver a Windows 8 machine that won't boot an alternative operating system.
Now that it's the holiday season and Microsoft is heavily pushing Windows 8 toward consumers, there may be a lot of folks who are wondering how to get Linux to run on a Windows 8 machine. The good news is that there is a solution out in the wild, but it is aimed primarily at developers of Linux distros, and isn't widely implemented yet.
Installing Linux on most Windows 8 computers is still no easy task. On some Windows 8 machines, you can get as far as having a Linux distro installed, only to find that the UEFI Secure Boot scheme keeps the BIOS from allowing Linux to start.
Linux developer Matthew Garrett provided an overview of his UEFI Secure Boot "shim" workaround in a blog post. His solution is available for download here.
According to Steven J. Vaughan-Nichols:
"What Garrett has done with his shim approach is to create a signed boot-loader that can add keys to its own database. This is built on SUSE's bootloader design. In the SUSE design, the boot-loader has its own key database, besides the UEFI specification's key database. The SUSE boot-loader then executes any second-stage boot-loaders signed with a key in that database. Since the boot-loader is in charge of its own key enrollment, the boot-loader is free to impose its own policy, including enrolling new keys off a Linux distribution's installation file-system."
A quick look around shows that there are not many distributions available that have implemented Garrett's solution, but there almost certainly will be soon. On top of that, The Linux Foundation is still planning to deliver its workaround. In all likelihood, we'll see distros with easy solutions to this ongoing problem coming in January.