Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

[Matthew Garrett]

On Tue, Nov 14, 2017 at 3:18 PM, Linus Torvalds
<torvalds at linux-foundation.org> wrote:
> On Tue, Nov 14, 2017 at 11:58 AM, Matthew Garrett <mjg59 at google.com> wrote:
>>
>> Our ability to determine that userland hasn't been tampered with
>> depends on the kernel being trustworthy. If userland can upload
>> arbitrary firmware to DMA-capable devices then we can no longer trust
>> the kernel. So yes, firmware is special.
>
> You're ignoring the whole "firmware is already signed by the hardware
> manufacturer and we don't even have access to it" part.

Firmware is sometimes signed by the hardware manufacturer. There's
plenty of hardware that accepts unsigned firmware.

> You're also ignoring the fact that we can't trust firmware _anyway_,
> as Alan pointed out.

Yeah, for arbitrary devices. There are cases where security has been
well audited, and it's viable to build systems where that's the
configuration you're running.

> Seriously. Some of the worst security issues have been with exactly
> the fact that we can't trust the hardware to begin with, where
> firmware/hardware combinations are not trusted to begin with.

You're right. But by that argument we might as well give up on *all*
security work - there's no way we can prove that a set of unprivileged
instructions won't backdoor a system.

> This is all theoretical security masturbation. The _real_ attacks have
> been elsewhere.

People made the same argument about Secure Boot, and then we
discovered that people *were* attacking the boot chain. As we secure
other components, the attackers move elsewhere. This is an attempt to
block off an avenue of attack before it's abused.
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html