Zack's Kernel News

Article from Issue 297/2025

Author(s): Zack Brown

Chronicler Zack Brown reports on the little links that bring us closer within the Linux kernel community.

Learning Developer Practices

Sometimes a patch can be good, but it may still face hurdles getting into the kernel. This time, Aditya Garg posted a patch by Paul Pawlowski to add driver support for the T2 Security Chip. The T2 is an embedded system that runs alongside the primary computer with all its own hardware resources such as RAM. It responds to requests over USB from the primary system, but it also stays active even when that primary system is asleep. The T2 makes sure that upgrades to the primary system have all been properly signed. It's a gatekeeper intended for Apple hardware, but it has various other abilities, such as controlling microphones, cameras, speech recognition, and whatnot.

The T2 also has a variety of security holes, some of which are apparently unfixable, because of being built into the hardware design itself.

This reveals a fascinating aspect of security in the Linux and open source world. The T2 was essentially used by Apple to prevent users from getting control of the hardware in order to install software that Apple had not itself approved. The unfixable security holes simply remove Apple's ability to exert that control, paving the way for users to do things such as install Linux on machines "protected" by the T2.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF

Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES

Print Issues

Digital Issues

SUBSCRIPTIONS

Print Subs

Digisubs

TABLET & SMARTPHONE APPS

US / Canada

UK / Australia