Re: [PATCH v1] mpt3sas: Add support for Non-secure Aero and Sea PCI IDs

On Tue, Aug 25, 2020 at 7:45 AM Martin K. Petersen
<martin.petersen@xxxxxxxxxx> wrote:
>
>
> Sreekanth,
>
> > As explained in description the purpose of disabling support for these
> > devices in the driver is to avoid interacting with any firmware which
> > is not secured/signed by Broadcom.
>
> I understand, but that should be a user decision.
>
> What are these devices you want to disable support for? Why is their
> firmware not signed?

The scenario that we are discussing here is a scenario where the
device is showing evidence that someone has attempted to physically
tamper with the device and has attempted to put it into a state where
security could be compromised.

Broadcom adapters participate in a Secure Boot process, where every
piece of FW is digitally signed by Broadcom and is checked for a valid
signature.  If any piece of our adapter FW fails this signature check,
it is possible the FW has been tampered with and the adapter should
not be used.  Our driver should not make any additional access to the
“invalid/tampered” adapter because the FW is not valid (could be
malicious FW). This type of detection is added into the latest Aero and
Sea family adapters h/w.

Thanks,
Sreekanth


>
> --
> Martin K. Petersen      Oracle Linux Engineering



