I have an older computer that I use for some simple games. Its I5-7400, GTX-1050, 12GB memory, and an SSD - not new by any standards, but most of the games I’m playing are a decade old or more. I switched to Linux Mint today, since I don’t want to use Windows 11, but the performance on Mint is terrible compared to Windows 10. For example, in Portal 2’s native Linux version, I get like 10 fps in the title screen. War Thunder doesn’t even launch. The drivers are set to Nvidia’s proprietary drivers via the GUI. Am I missing something? I’d really rather not switch back to Windows.
Edit: VulkanInfo is saying, “ERROR: [Loader Message] Code 0: loader_scanned_icd_add: Could not get ‘vkCreateInstance’ via…”
It also seems to only be showing my CPU, not gpu? Not certain, since I don’t unstand a lot of the details, but it says, “deviceType = PHYSICAL_DEVICE_TYPE_CPU”.
Edit 2: turning off secureboot fixed it.
I might be wrong on some of this so take it with a grain of salt but heres my view.
Its not only loading signed modules it enables kernel lockdown mode which prevents even the root user from accessing certain kernel functions. This prevents them from installing persistent malware and a host of other attacks. Fedora and other distros that ship secure boot do enable this.
Yes microsoft signs the shim but I believe other authorities are being worked on.
If someone gets root on your system they can do a lot of damage but you can still prevent it and limit it. Stealing my firefox cookies is much better than installing persistent malware. If my cookies are stolen I can clear the malware and reset my passwords, same cannot be said for loading something into the kernel.
My gut reaction is that there are a lot of ways, once you have root access, to have your changes persistent. For example, modifying/replacing binaries, adding new ones before old ones in the path, adding startup scripts, modifying config files. Kernel modules seem to be an overcomplicated way to go about it, especially since (afaik) it would need to be compiled against the specific kernel version.