Re: [RFD] linux-firmware key arrangement for firmware signing

From: Mimi Zohar
Date: Tue May 26 2015 - 15:52:54 EST

Next message: Mateusz Kulikowski: "Re: [PATCH v4 06/35] staging: rtl8192e: Replace memcmp() with ether_addr_equal_unaligned()"
Previous message: Chris Metcalf: "Re: [PATCH 0/6] support "dataplane" mode for nohz_full"
In reply to: Petko Manolov: "Re: [RFD] linux-firmware key arrangement for firmware signing"
Next in thread: David Howells: "Re: [RFD] linux-firmware key arrangement for firmware signing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2015-05-26 at 18:08 +0100, One Thousand Gnomes wrote:

> IMHO we want the supplier of a given firmware providing signatures on
> the firmware git tree if this is done. A generic linux-firmware owned key
> would be both a horrendously inviting attack target, and a single point of
> failure.
>
> Git can already do all the needed commit signing bits unless I'm missing
> something here ?

Nice! I haven't tried signing commits yet. Assuming the signatures can
be extracted from git, the firmware blob git commit signature could be
stored either as a security xattr or appended (eg. similar to kernel
modules). The end system owner could then make the decision to load the
associated public key or not.

Mimi

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Mateusz Kulikowski: "Re: [PATCH v4 06/35] staging: rtl8192e: Replace memcmp() with ether_addr_equal_unaligned()"
Previous message: Chris Metcalf: "Re: [PATCH 0/6] support "dataplane" mode for nohz_full"
In reply to: Petko Manolov: "Re: [RFD] linux-firmware key arrangement for firmware signing"
Next in thread: David Howells: "Re: [RFD] linux-firmware key arrangement for firmware signing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]