Thread: 146 messages, 15 authors, 2017-12-07

Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown

From: gregkh@linuxfoundation.org (Greg Kroah-Hartman)
Date: 2017-11-14 12:39:02
Also in: linux-efi, lkml

On Tue, Nov 14, 2017 at 07:21:38AM -0500, Mimi Zohar wrote:
> On Mon, 2017-11-13 at 14:09 -0800, Linus Torvalds wrote:
> > On Mon, Nov 13, 2017 at 1:44 PM, David Howells [off-list ref] wrote:
> > > Whilst that may be true, we either have to check signatures on every bit of
> > > firmware that the appropriate driver doesn't say is meant to be signed or not
> > > bother.
> >
> > I vote for "not bother".
> >
> > Seriously, if you have firmware in /lib/firmware, and you don't trust
> > it, what the hell are you doing?
>
> I might "trust" the files in /lib/firmware, but I also want to make
> sure that they haven't changed.  File signatures provide file
> provenance and integrity guarantees.

Then "verify" them with signatures that you generate yourself.  Like
dm-verify does for the partition that you put the firmware on.

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html