Message-ID: <1432669955.2450.269.camel@linux.vnet.ibm.com>
Subject: Re: [RFD] linux-firmware key arrangement for firmware signing
From: Mimi Zohar
To: One Thousand Gnomes
Cc: Petko Manolov, Greg Kroah-Hartman, Seth Forshee, "Luis R. Rodriguez", linux-security-module@vger.kernel.org, james.l.morris@oracle.com, serge@hallyn.com, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, David Howells, Kyle McMartin, David Woodhouse, Joey Lee, Rusty Russell, mricon@kernel.org
Date: Tue, 26 May 2015 15:52:35 -0400

On Tue, 2015-05-26 at 18:08 +0100, One Thousand Gnomes wrote:
> IMHO we want the supplier of a given firmware providing signatures on
> the firmware git tree if this is done. A generic linux-firmware owned key
> would be both a horrendously inviting attack target, and a single point of
> failure.
>
> Git can already do all the needed commit signing bits unless I'm missing
> something here ?

Nice! I haven't tried signing commits yet. Assuming the signatures can
be extracted from git, the firmware blob git commit signature could be
stored either as a security xattr or appended (eg. similar to kernel
modules). The end system owner could then make the decision to load the
associated public key or not.

Mimi
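The "appended" option mentioned in the message above, as an added example that is not part of the original thread: a small C splitter for the trailer layout current kernels use on signed modules (payload, PKCS#7 signature, 12-byte descriptor with a big-endian sig_len, then the magic string). The helper name `split_appended_sig` and the sample blob are constructed for illustration, and reusing this layout for firmware blobs is an assumption taken from the message's analogy; the code only locates the signature and does not verify it.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SIG_MAGIC     "~Module signature appended~\n"
#define SIG_MAGIC_LEN (sizeof(SIG_MAGIC) - 1)
#define DESC_LEN      12   /* size of the kernel's struct module_signature */
#define ID_PKCS7      2    /* id_type value for a PKCS#7 signature */

/* Constructed sample: 6-byte payload, 4-byte placeholder "signature"
 * (not real PKCS#7), descriptor with sig_len = 4, then the magic string. */
static const uint8_t sample[] =
    "FWBLOB" "SIG!" "\0\0\2\0\0\0\0\0\0\0\0\4" SIG_MAGIC;

/* Hypothetical helper: locate the appended signature in blob[0..len).
 * Returns 0 and fills the outputs, or -1 if the blob is unsigned or
 * the trailer is malformed. It does not verify the signature. */
int split_appended_sig(const uint8_t *blob, size_t len, size_t *payload_len,
                       const uint8_t **sig, size_t *sig_len)
{
    if (len < SIG_MAGIC_LEN + DESC_LEN ||
        memcmp(blob + len - SIG_MAGIC_LEN, SIG_MAGIC, SIG_MAGIC_LEN) != 0)
        return -1;                       /* no trailer: treat as unsigned */
    len -= SIG_MAGIC_LEN + DESC_LEN;
    const uint8_t *d = blob + len;       /* 12-byte descriptor */

    /* algo, hash, signer_len, key_id_len and padding must all be zero */
    if (d[0] || d[1] || d[3] || d[4] || d[5] || d[6] || d[7] || d[2] != ID_PKCS7)
        return -1;
    uint32_t n = ((uint32_t)d[8] << 24) | ((uint32_t)d[9] << 16) |
                 ((uint32_t)d[10] << 8) | d[11];   /* big-endian sig_len */
    if (n == 0 || n >= len)              /* must leave a non-empty payload */
        return -1;
    *payload_len = len - n;
    *sig = blob + *payload_len;
    *sig_len = n;
    return 0;
}

int main(void)
{
    size_t plen, slen;
    const uint8_t *sig;
    if (split_appended_sig(sample, sizeof(sample) - 1, &plen, &sig, &slen) == 0)
        printf("payload=%zu bytes, signature=%zu bytes\n", plen, slen);
    return 0;
}
```

A loader using this split would hash only the first `payload_len` bytes and check the signature against whichever public keys the system owner chose to load.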