Re: Linux DRTM on UEFI platforms

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Brendan Trotter <btrotter@xxxxxxxxx>
Subject: Re: Linux DRTM on UEFI platforms
From: Matthew Garrett <mjg59@xxxxxxxxxxxxx>
Date: Wed, 6 Jul 2022 01:12:33 +0100
Cc: The development of GNU GRUB <grub-devel@xxxxxxx>, Ard Biesheuvel <ardb@xxxxxxxxxx>, Daniel Kiper <daniel.kiper@xxxxxxxxxx>, Alec Brown <alec.r.brown@xxxxxxxxxx>, Kanth Ghatraju <kanth.ghatraju@xxxxxxxxxx>, Ross Philipson <ross.philipson@xxxxxxxxxx>, "piotr.krol@xxxxxxxxx" <piotr.krol@xxxxxxxxx>, "krystian.hebel@xxxxxxxxx" <krystian.hebel@xxxxxxxxx>, "persaur@xxxxxxxxx" <persaur@xxxxxxxxx>, "Yoder, Stuart" <stuart.yoder@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, "michal.zygowski@xxxxxxxxx" <michal.zygowski@xxxxxxxxx>, James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>, "lukasz@xxxxxxxxxxx" <lukasz@xxxxxxxxxxx>, linux-efi@xxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, James Morris <jmorris@xxxxxxxxx>
In-reply-to: <CAELHeEfZ-feZnexp7Gx3VAJPerENcoO1Uccbe3xxUX95jvLUdA@mail.gmail.com>
References: <20220329174057.GA17778@srcf.ucam.org> <f9622b47-c45f-8c91-cb85-e5db7fd541cf@apertussolutions.com> <CAMj1kXEUT8BK_akqjF1Wx0JkLniFyV_h9s1TfQnPqfxCHsKfWw@mail.gmail.com> <7aab2990-9c57-2456-b08d-299ae96ac919@apertussolutions.com> <CAELHeEfZ-feZnexp7Gx3VAJPerENcoO1Uccbe3xxUX95jvLUdA@mail.gmail.com>
User-agent: Mutt/1.10.1 (2018-07-13)

On Wed, Jul 06, 2022 at 09:33:23AM +0930, Brendan Trotter wrote:

> The only correct approach is "efi-stub -> head_64.S -> kernel's own
> secure init"; where (on UEFI systems) neither GRUB nor Trenchboot has
> a valid reason to exist and should never be installed.

Surely the entire point of DRTM is that we *don't* have to trust the 
bootloader?

References:
- Linux DRTM on UEFI platforms
  - From: Matthew Garrett
- Re: Linux DRTM on UEFI platforms
  - From: Daniel P. Smith
- Re: Linux DRTM on UEFI platforms
  - From: Ard Biesheuvel
- Re: Linux DRTM on UEFI platforms
  - From: Daniel P. Smith
- Re: Linux DRTM on UEFI platforms
  - From: Brendan Trotter

Prev by Date: Re: Linux DRTM on UEFI platforms
Next by Date: Re: [PATCH v9 9/9] drivers/node: Show in sysfs node's crypto capabilities
Previous by thread: Re: Linux DRTM on UEFI platforms
Next by thread: Re: Linux DRTM on UEFI platforms
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Security] [Bugtraq] [Linux OMAP] [Linux MIPS] [ECOS] [Asterisk Internet PBX] [Linux API]