From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.71) id 1W5klh-00061W-0Z for mharc-grub-devel@gnu.org; Tue, 21 Jan 2014 18:30:05 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:37563) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1W5kle-00060L-Iz for grub-devel@gnu.org; Tue, 21 Jan 2014 18:30:03 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1W5kld-0000AH-Cc for grub-devel@gnu.org; Tue, 21 Jan 2014 18:30:02 -0500 Received: from v6.chiark.greenend.org.uk ([2001:ba8:1e3::]:38759 helo=chiark.greenend.org.uk) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1W5kld-00009x-6K for grub-devel@gnu.org; Tue, 21 Jan 2014 18:30:01 -0500 Received: from [172.20.153.9] (helo=riva.pelham.vpn.ucam.org) by chiark.greenend.org.uk (Debian Exim 4.72 #1) with esmtps (return-path cjwatson@ubuntu.com) id 1W5klb-0007jx-Rx for grub-devel@gnu.org; Tue, 21 Jan 2014 23:29:59 +0000 Received: from ns1.pelham.vpn.ucam.org ([172.20.153.2] helo=riva.ucam.org) by riva.pelham.vpn.ucam.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from ) id 1W5klb-0006Qe-5Z for grub-devel@gnu.org; Tue, 21 Jan 2014 23:29:59 +0000 Date: Tue, 21 Jan 2014 23:29:58 +0000 From: Colin Watson To: grub-devel@gnu.org Subject: Re: [PATCH] Add linuxefi module Message-ID: <20140121232957.GA24596@riva.ucam.org> References: <1390260488-18091-1-git-send-email-lkundrak@v3.sk> <20140121202447.66091674@opensuse.site> <52DEA04F.6030002@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <52DEA04F.6030002@gmail.com> User-Agent: Mutt/1.5.21 (2010-09-15) X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2001:ba8:1e3:: X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: The development of GNU GRUB List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jan 2014 23:30:03 -0000 On Tue, Jan 21, 2014 at 05:29:03PM +0100, Vladimir 'φ-coder/phcoder' Serbinenko wrote: > This part is from RH "Secureboot" patch. Few things are right about that > patch. Whatever signature verifications would need to be integrated with > signatures framework (I have some scratch in phcoder/file_types) The RH SB patch is not ideal from a pure GRUB point of view. But realistically, in order to actually be useful in the (unfortunate) SB ecosystem that exists today where Microsoft is the effective root of trust on most mass-market hardware, we need to have a non-GPLv3 component that is what the firmware actually loads directly, it needs to be able to do signature checking in order to chain to GRUB, and it's unlikely to be helpful for the signature checking to be implemented in two places - so the scheme where GRUB calls out to shim seems to be an uncomfortable necessity there. I have no objection to there being some more native mechanism in GRUB that works when users take control of their own trust chain; that seems entirely consistent with the FSF's goals regarding UEFI. But I'm having trouble seeing how we could make use of it effectively in order to bootstrap free operating systems on firmware that only has the Microsoft keys in place, which I think is just as important now as the ability to run GNU software on proprietary Unixes was back in the 1980s. (Unless, of course, you mean that there ought to be something integrated into GRUB's signatures framework that would let it optionally call out to shim; that would be an interesting possibility.) -- Colin Watson [cjwatson@ubuntu.com]