From: Jakub Kicinski <kuba@kernel.org>
To: Martyna Szapar-Mudlaw <martyna.szapar-mudlaw@linux.intel.com>
Cc: netdev@vger.kernel.org, andrew+netdev@lunn.ch, horms@kernel.org,
jiri@resnulli.us, stephen@networkplumber.org,
anthony.l.nguyen@intel.com, jacob.e.keller@intel.com,
przemyslaw.kitszel@intel.com, intel-wired-lan@lists.osuosl.org
Subject: Re: [Intel-wired-lan] [RFC 0/1] Proposal for new devlink command to enforce firmware security
Date: Mon, 9 Dec 2024 15:36:00 -0800 [thread overview]
Message-ID: <20241209153600.27bd07e1@kernel.org> (raw)
In-Reply-To: <20241209131450.137317-2-martyna.szapar-mudlaw@linux.intel.com>
On Mon, 9 Dec 2024 14:14:50 +0100 Martyna Szapar-Mudlaw wrote:
> Proposed design
>
> New command, `devlink dev lock-firmware` (or `devlink dev guard-firmware`),
> will be added to devlink API. Implementation in devlink will be simple
> and generic, with no predefined operations, offering flexibility for drivers
> to define the firmware locking mechanism appropriate to the hardware's
> capabilities and security requirements. Running this command will allow
> ice driver to ensure firmware with lower security value downgrades are
> prevented.
>
> Add also changes to Intel ice driver to display security values
> via devlink dev info command running and set minimum. Also implement
> lock-firmware devlink op callback in ice driver to update firmware
> minimum security revision value.
devlink doesn't have a suitable security model. I don't think we should
be adding hacks since we're not security experts and standards like SPDM
exist.
I understand that customers ask for this but "security" is not a
checkbox, the whole certificate and version management is necessary.
WARNING: multiple messages have this Message-ID (diff)
From: Jakub Kicinski <kuba@kernel.org>
To: Martyna Szapar-Mudlaw <martyna.szapar-mudlaw@linux.intel.com>
Cc: netdev@vger.kernel.org, andrew+netdev@lunn.ch, horms@kernel.org,
jiri@resnulli.us, stephen@networkplumber.org,
anthony.l.nguyen@intel.com, jacob.e.keller@intel.com,
przemyslaw.kitszel@intel.com, intel-wired-lan@lists.osuosl.org
Subject: Re: [RFC 0/1] Proposal for new devlink command to enforce firmware security
Date: Mon, 9 Dec 2024 15:36:00 -0800 [thread overview]
Message-ID: <20241209153600.27bd07e1@kernel.org> (raw)
In-Reply-To: <20241209131450.137317-2-martyna.szapar-mudlaw@linux.intel.com>
On Mon, 9 Dec 2024 14:14:50 +0100 Martyna Szapar-Mudlaw wrote:
> Proposed design
>
> New command, `devlink dev lock-firmware` (or `devlink dev guard-firmware`),
> will be added to devlink API. Implementation in devlink will be simple
> and generic, with no predefined operations, offering flexibility for drivers
> to define the firmware locking mechanism appropriate to the hardware's
> capabilities and security requirements. Running this command will allow
> ice driver to ensure firmware with lower security value downgrades are
> prevented.
>
> Add also changes to Intel ice driver to display security values
> via devlink dev info command running and set minimum. Also implement
> lock-firmware devlink op callback in ice driver to update firmware
> minimum security revision value.
devlink doesn't have a suitable security model. I don't think we should
be adding hacks since we're not security experts and standards like SPDM
exist.
I understand that customers ask for this but "security" is not a
checkbox, the whole certificate and version management is necessary.
next prev parent reply other threads:[~2024-12-09 23:36 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-09 13:14 [Intel-wired-lan] [RFC 0/1] Proposal for new devlink command to enforce firmware security Martyna Szapar-Mudlaw
2024-12-09 13:14 ` Martyna Szapar-Mudlaw
2024-12-09 13:14 ` [Intel-wired-lan] [RFC 1/1] devlink: add new devlink lock-firmware command Martyna Szapar-Mudlaw
2024-12-09 13:14 ` Martyna Szapar-Mudlaw
2024-12-09 23:36 ` Jakub Kicinski [this message]
2024-12-09 23:36 ` [RFC 0/1] Proposal for new devlink command to enforce firmware security Jakub Kicinski
2024-12-11 12:15 ` [Intel-wired-lan] " Szapar-Mudlaw, Martyna
2024-12-11 12:15 ` Szapar-Mudlaw, Martyna
2024-12-11 14:16 ` [Intel-wired-lan] " Andrew Lunn
2024-12-11 14:16 ` Andrew Lunn
2024-12-12 2:11 ` [Intel-wired-lan] " Jakub Kicinski
2024-12-12 2:11 ` Jakub Kicinski
2024-12-16 15:09 ` [Intel-wired-lan] " Przemek Kitszel
2024-12-16 15:09 ` Przemek Kitszel
2024-12-16 15:53 ` [Intel-wired-lan] " Jakub Kicinski
2024-12-16 15:53 ` Jakub Kicinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241209153600.27bd07e1@kernel.org \
--to=kuba@kernel.org \
--cc=andrew+netdev@lunn.ch \
--cc=anthony.l.nguyen@intel.com \
--cc=horms@kernel.org \
--cc=intel-wired-lan@lists.osuosl.org \
--cc=jacob.e.keller@intel.com \
--cc=jiri@resnulli.us \
--cc=martyna.szapar-mudlaw@linux.intel.com \
--cc=netdev@vger.kernel.org \
--cc=przemyslaw.kitszel@intel.com \
--cc=stephen@networkplumber.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.