Re: [RFD] linux-firmware key arrangement for firmware signing

From: Woodhouse, David
Date: Thu May 21 2015 - 15:33:08 EST


On Thu, 2015-05-21 at 10:02 -0700, gregkh@xxxxxxxxxxxxxxxxxxx wrote:
>
> Again, why have a detached signature and not just part of the firmware
> blob? The device needs to be caring about this, not the kernel.
>
> Do other operating systems have this type of "feature"?

Yes. Windows effectively does by virtue of the fact that it ships he
firmware *with* the driver and even if it's in a separate file (which
it often isn't), the signed manifest covers it all together.

Look at it this way: If you don't have an IOMMU, then signing modules
is *utterly* pointless unless you also sign firmware. A rogue device
can do *anything*.

We really do want firmware signing for the *OS*, not just for
regulatory issues and other vendor-interest stuff which was Luis's
original focus.

--
David Woodhouse Open Source Technology Centre
David.Woodhouse@xxxxxxxxx Intel Corporation

Attachment: smime.p7s
Description: S/MIME cryptographic signature