[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20171205102757.GA12982@amd>
Date: Tue, 5 Dec 2017 11:27:58 +0100
From: Pavel Machek <pavel@....cz>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Matthew Garrett <mjg59@...gle.com>,
Mimi Zohar <zohar@...ux.vnet.ibm.com>,
David Howells <dhowells@...hat.com>,
Alan Cox <gnomes@...rguk.ukuu.org.uk>,
"Luis R. Rodriguez" <mcgrof@...nel.org>,
"AKASHI, Takahiro" <takahiro.akashi@...aro.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Jan Blunck <jblunck@...radead.org>,
Julia Lawall <julia.lawall@...6.fr>,
Marcus Meissner <meissner@...e.de>, Gary Lin <GLin@...e.com>,
LSM List <linux-security-module@...r.kernel.org>,
linux-efi <linux-efi@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel
lockdown
Hi!
> > Our ability to determine that userland hasn't been tampered with
> > depends on the kernel being trustworthy. If userland can upload
> > arbitrary firmware to DMA-capable devices then we can no longer trust
> > the kernel. So yes, firmware is special.
>
> You're ignoring the whole "firmware is already signed by the hardware
> manufacturer and we don't even have access to it" part.
Well... I guess we'd prefer the firmware _not_ be signed, so we can
fix security holes in that after the vendor lost interest... Bugs in
the wifi stacks seemed patcheable that way.
There is GPLed firmware available for some USB wifi's. We really
should make sure firmware signing is not mandatory/encouraged for the hw vendors.
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)
Powered by blists - more mailing lists