On Wed, Oct 26, 2016 at 08:42:07AM +0200, Philipp Kern wrote:
> > To the extent that we could easily support this particular use case,
> > it might be a good thing. (I doubt Debian is going to want to get
> > into the business of verifying and then resigning firmware blobs.)
>
> Depends if you are then able to flash it into the addon card you have
> (think VGA BIOS on an NVIDIA graphics card), which requires a) access to
> some flash process and b) depending on that potentially a signature
> trusted by the device to accept the update.
So I guess I was assuming the use case where the firmware is
dynamically loaded into RAM each time the machine boot. For example,
this is how the Intel Wireless drivers' firmware is handled. I need
to have the binary blob iwlwifi-8000C-22.ucode available on my system
each time it boots, or the wifi card no talkee to the network. Since
it is needed each time the system boots, and certain cases (for
example, a firewire device which can do arbitrary, unrestricted,
device-initiated DMA requests anywhere in host memory[1]), it would
make sense that the firmware needs to be signed before it can be loaded.
In the case of firmware which is flashed into non-volatile memory, I
would guess that the it probably wouldn't necessarliy use the
Microsoft signing key at all. (For example, for a long time most
printers were not bothering to do any digital signature checking at
all before installing a firmware update.)
> Otherwise you end up with no graphics output on bootup because the
> system is not trusting the blob on your graphics card to run. If you
> screw it up too heavily, you can render your machine unbootable as well.
> (I know a coworker succeeded in doing that when modifying the key set.)
> Nothing a SPI programmer can't fix, but it'd be annoying nonetheless.
I suspect that most firmwares that have to be flashed will need to be
done using vendor-provided software. For example, on Lenovo systems,
where you have to get the BIOS update on a bootable USB stick which
you then boot. In that case it's largely orthogonal to Linux and
Debian altogether.
The problem would be more for firmwares which have to be loaded each
time you boot Linux.
Cheers,
- Ted
