On Tue, 2017-11-14 at 14:17 -0800, Matthew Garrett wrote: > On Tue, Nov 14, 2017 at 2:14 PM, James Bottomley > <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx> wrote: > > > > On Tue, 2017-11-14 at 15:55 -0500, Matthew Garrett wrote: > > > > > > TPM-backed Trusted Boot means you don't /need/ to sign anything, > > > since the measurements of what you loaded will end up in the TPM. > > > But signatures make it a lot easier, since you can just assert > > > that only signed material will be loaded and so you only need to > > > measure the kernel and the trusted keys. > > > > Actually, I'd disagree with that quite a lot: measured boot only > > works if you're attesting to something outside of your system that > > has the capability for doing something about a wrong > > measurement. Absent that, measured boot has no safety > > whatsoever. Secure boot, on the other hand, can enforce not > > booting with elements that fail the signature check. > > Measured boot has a great deal of value in the sealing of private > material, even in the absence of attestation. The way Microsoft make > use of PCR7 is a good example of how signatures make this easier - > achieving the same goal with a full measurement of the boot chain > instead of relying on signature validation results in significantly > more fragility. OK, so I agree that if you have sealed something required for boot (and have the capability for resealing it on OS upgrade) you can use measurements locally. However, I don't believe we have any systems today in Linux which can do this (we have theoretical ideas about how we might do it with LUKS root keys and one day we might actually have the infrastructure to make it viable for a standard laptop). Absent that, secure boot provides a reasonable measure of security which works with today's infrastructure. Note: this doesn't mean I necessarily want signatures everywhere (like firmware). We can sign elements in blobs that provide the effective security without needing more granular signatures. James -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html