Re: [PATCH 0/2] efi: Enhance capsule loader to support signed Quark images

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 16/02/17 03:00, Kweh, Hock Leong wrote:
-----Original Message-----
From: Jan Kiszka [mailto:jan.kiszka@xxxxxxxxxxx]
Sent: Thursday, February 16, 2017 3:00 AM
To: Andy Shevchenko <andy.shevchenko@xxxxxxxxx>
Cc: Matt Fleming <matt@xxxxxxxxxxxxxxxxxxx>; Ard Biesheuvel
<ard.biesheuvel@xxxxxxxxxx>; linux-efi@xxxxxxxxxxxxxxx; Linux Kernel Mailing
List <linux-kernel@xxxxxxxxxxxxxxx>; Borislav Petkov <bp@xxxxxxxxx>; Kweh,
Hock Leong <hock.leong.kweh@xxxxxxxxx>; Bryan O'Donoghue
<pure.logic@xxxxxxxxxxxxxxxxx>
Subject: Re: [PATCH 0/2] efi: Enhance capsule loader to support signed Quark
images

On 2017-02-15 19:50, Jan Kiszka wrote:
On 2017-02-15 19:46, Andy Shevchenko wrote:
On Wed, Feb 15, 2017 at 8:14 PM, Jan Kiszka <jan.kiszka@xxxxxxxxxxx>
wrote:
See patch 2 for the background.

Series has been tested on the Galileo Gen2, to exclude regressions,
with a firmware.cap without security header and the SIMATIC IOT2040
which requires the header because of its mandatory secure boot.

Briefly looking to the code it looks like a real hack.
Sorry, but it would be carefully (re-)designed.

The interface that the firmware provides us? That should have been
done differently, I agree, but I'm not too much into those firmware
details, specifically when it comes to signatures.

The Linux code was designed around that suboptimal situation. If there
are better ideas, I'm all ears.


Expanding CC's as requested by Andy.

Jan


Hi Jan,

While I upstreaming the capsule loader patches, I did work with maintainer
Matt and look into this security header created for Quark. Eventually both
of us agreed that this will not be upstream to mainline as it is really a Quark
specific implementation.

What's the logic of that ?

It should be possible to provide a hook (or a custom function).


The proper implementation may require to work with UEFI community
to expand its capsule spec to support signed binary.

Are you volunteering to do that with - getting the CSH into the UEFI spec ?

If not then we should have a method to load/ignore a capsule including the CSH, if so then we should have a realistic timeline laid out for getting that spec work done.

Hint: I don't believe integrating the CSH into the UEFI standard will happen...



Regards,
Wilson

--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux