[Ksummit-discuss] [TECH TOPIC] Signature management - keys, modules, firmware, was: Last minute nominations: mcgrof and toshi
Vinod Koul
vinod.koul at intel.com
Fri Aug 12 13:12:59 UTC 2016
On Fri, Aug 12, 2016 at 05:54:25AM -0700, Andy Lutomirski wrote:
> On Aug 12, 2016 3:30 PM, "Vinod Koul" <vinod.koul at intel.com> wrote:
> > One more point worth mentioning here...
> >
> > Whatever solution we decide, some firmware is already signed. Some of
> > the Intel firmware we submit to linux-firmware is signed and a firmware
> > with bad or unsigned keys will fail to load on these devices. Now how
> > much we are willing to trust that is entirely different question.
> >
> > Any solution needs to comprehend that additional signing might be
> > present.
>
> I see device-verified signatures as orthogonal: the kernel loads a blob,
> optionally verifies the blob, and that blob just happens to contain a
> signature.
In that case we should not optionally verify. But if we trust vendors
sign, we don't need to verify..
--
~Vinod
More information about the Ksummit-discuss
mailing list