From: Rich Freeman <rich0@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] UEFI secure boot and Gentoo
Date: Fri, 15 Jun 2012 20:41:47 -0400 [thread overview]
Message-ID: <CAGfcS_mvUwCP7zfG6rVZ64ycbDswzHoN+h6Z-r+1FbrJDDa9_w@mail.gmail.com> (raw)
In-Reply-To: <20120615235553.GB9885@kroah.com>
On Fri, Jun 15, 2012 at 7:55 PM, Greg KH <gregkh@gentoo.org> wrote:
> On Fri, Jun 15, 2012 at 06:14:12AM -0400, Rich Freeman wrote:
> The whole chain-of-trust is an interesting issue as the UEFI spec does
> not require it at all, and some people on the UEFI committee have told
> me that it is not required either. But, others have. Getting to the
> root of this problem is something I'm trying to do, as it's a very
> important one for anyone who is going to be trusting, and providing, a
> key in the BIOS.
It sounds like the UEFI committee isn't really the problem here. You
can have a UEFI firmware as long as it follows the spec. However, you
won't get the Windows logo certification if you don't follow the
Windows rules.
I would think they'd basically want a chain of trust for anything that
loads into kernel space. Otherwise all a malware author has to do is
ship a signed linux kernel, have it boot a bash script that loads
their malware via an unsigned kernel module, and then at that point
they just intercept whatever they want to and then boot Windows,
discarding the rest of the linux kernel.
However, even the MS requirements say that an OEM can have other keys
as well, and nothing says that all of them need to be secure (other
than the root key). If I published a keypair on the internet and
persuaded OEMs to include it as trusted, then in theory that would
pass the MS requirements as they are currently written, and would
render secure boot meaningless.
Rich
next prev parent reply other threads:[~2012-06-16 0:42 UTC|newest]
Thread overview: 76+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-06-15 4:28 [gentoo-dev] UEFI secure boot and Gentoo Greg KH
2012-06-15 4:45 ` Arun Raghavan
2012-06-15 4:56 ` Greg KH
2012-06-15 5:24 ` Arun Raghavan
2012-06-15 21:28 ` Matthew Thode
2012-06-15 5:48 ` Eray Aslan
2012-06-15 7:26 ` Michał Górny
2012-06-15 7:49 ` Florian Philipp
2012-06-15 8:06 ` Richard Farina
2012-06-15 8:24 ` Florian Philipp
2012-06-15 23:59 ` Greg KH
2012-06-16 8:33 ` Florian Philipp
2012-06-16 0:03 ` gregkh
2012-06-15 5:00 ` [gentoo-dev] " Duncan
2012-06-15 5:03 ` [gentoo-dev] " Ben de Groot
2012-06-15 5:08 ` Matthew Finkel
2012-06-15 5:24 ` Arun Raghavan
2012-06-15 7:12 ` Ben de Groot
2012-06-15 7:58 ` Richard Farina
2012-06-15 8:37 ` Florian Philipp
2012-06-15 11:32 ` Walter Dnes
2012-06-15 12:01 ` Rich Freeman
2012-06-15 12:48 ` Florian Philipp
2012-06-16 9:22 ` Maxim Kammerer
2012-06-17 17:03 ` Greg KH
2012-06-17 19:22 ` Maxim Kammerer
2012-06-15 10:50 ` Ben de Groot
2012-06-16 0:02 ` Greg KH
2012-06-15 4:45 ` Greg KH
2012-06-15 5:48 ` Philip Webb
2012-06-16 0:01 ` Greg KH
2012-06-16 3:18 ` Philip Webb
2012-06-15 21:35 ` Matthew Thode
2012-06-16 0:00 ` Greg KH
2012-06-15 4:50 ` [gentoo-dev] " Duncan
2012-06-15 5:01 ` Matthew Finkel
2012-06-15 7:54 ` Florian Philipp
2012-06-15 12:28 ` Walter Dnes
2012-06-15 12:55 ` Florian Philipp
2012-06-16 23:37 ` Steev Klimaszewski
2012-06-17 16:58 ` Greg KH
2012-06-17 17:24 ` Dale
2012-06-16 17:51 ` Michał Górny
2012-06-17 9:20 ` Florian Philipp
2012-06-17 15:51 ` Michał Górny
2012-06-17 16:55 ` Greg KH
2012-06-17 17:06 ` Michał Górny
2012-06-17 17:17 ` Rich Freeman
2012-06-17 17:28 ` Florian Philipp
2012-06-17 17:56 ` Greg KH
2012-06-17 16:56 ` Matthew Finkel
2012-06-17 17:10 ` Michał Górny
2012-06-17 17:40 ` Florian Philipp
2012-06-17 17:34 ` Sascha Cunz
2012-06-17 17:55 ` Rich Freeman
2012-06-17 18:00 ` Florian Philipp
2012-06-17 18:56 ` Sascha Cunz
2012-06-17 19:20 ` Graham Murray
2012-06-17 20:30 ` Florian Philipp
2012-06-17 23:07 ` Rich Freeman
2012-06-22 6:42 ` George Prowse
2012-06-15 4:57 ` [gentoo-dev] " Chí-Thanh Christopher Nguyễn
2012-06-15 12:18 ` Luca Barbato
2012-06-15 12:33 ` Rich Freeman
2012-06-15 23:56 ` Greg KH
2012-06-16 6:30 ` Michał Górny
2012-06-15 10:14 ` Rich Freeman
2012-06-15 11:26 ` Florian Philipp
2012-06-15 12:22 ` Luca Barbato
2012-06-15 12:45 ` Rich Freeman
2012-06-15 15:46 ` G.Wolfe Woodbury
2012-06-15 23:55 ` Greg KH
2012-06-16 0:41 ` Rich Freeman [this message]
2012-06-16 3:49 ` Greg KH
2012-06-16 23:52 ` Matthew Summers
2012-06-17 0:23 ` [gentoo-dev] " Duncan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAGfcS_mvUwCP7zfG6rVZ64ycbDswzHoN+h6Z-r+1FbrJDDa9_w@mail.gmail.com \
--to=rich0@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox