Re: [PATCH 00/12] One more attempt at useful kernel lockdown

From: H. Peter Anvin
Date: Tue Sep 10 2013 - 15:45:05 EST


On 09/10/2013 12:17 PM, David Lang wrote:
>>
>> In theory these blobs are traceable to a manufacturer. It's not really
>> an indication that it's "safe" more than it's an indication that it
>> hasn't been changed. But I haven't chased this very hard yet because
>> of below...
>
> well, not if you are trying to defend against root breaking in to the
> machine.
>

And we have at least some drivers where we even have the firmware in the
Linux kernel tree, and thus aren't opaque blobs at all.

I suspect we'll need, at some point, a way for vendors that aren't
already doing signatures on their firmware in a device-specific way to
do so in a kernel-supported way. The easiest (in terms of getting
vendors to play along, not necessarily technically) might be a PGP
signature (either inline or standalone) and have the public key as part
of the driver?

-hpa


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/