On 09/10/2013 11:26 AM, Matthew Garrett wrote: > On Tue, 2013-09-10 at 14:23 -0300, Henrique de Moraes Holschuh wrote: >> On Tue, 10 Sep 2013, Matthew Garrett wrote: >>> That's why modern systems require signed firmware updates. >> >> Linux doesn't. Is someone working on adding signature support to the >> runtime firmware loader? > > It'd be simple to do so, but so far the model appears to be that devices > that expect signed firmware enforce that themselves. > Most devices do absolutely no verification on the firmware, and simply trust the driver. So signing firmware is probably critical. -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html