On Tue, Nov 14, 2017 at 2:14 PM, James Bottomley
[off-list ref] wrote:

On Tue, 2017-11-14 at 15:55 -0500, Matthew Garrett wrote:

quoted

TPM-backed Trusted Boot means you don't /need/ to sign anything,
since the measurements of what you loaded will end up in the TPM. But
signatures make it a lot easier, since you can just assert that only
signed material will be loaded and so you only need to measure the
kernel and the trusted keys.

Actually, I'd disagree with that quite a lot: measured boot only works
if you're attesting to something outside of your system that has the
capability for doing something about a wrong measurement.  Absent that,
measured boot has no safety whatsoever.  Secure boot, on the other
hand, can enforce not booting with elements that fail the signature
check.

Measured boot has a great deal of value in the sealing of private
material, even in the absence of attestation. The way Microsoft make
use of PCR7 is a good example of how signatures make this easier -
achieving the same goal with a full measurement of the boot chain
instead of relying on signature validation results in significantly
more fragility.
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html