16 Jan
2013
16 Jan
'13
09:09
On Tuesday 15 January 2013 23:55:02 Greg KH wrote:
And all firmware should already be signed, you are trying to extend the chain-of-trust to a different processor on the system, which is _way_ beyond what UEFI is asking for, and beyond anything that anyone has ever suggested.
I really don't think these are necessary, does anyone else?
They are necessary. In terms of hardware most PCI devices are capable of writing into RAM whereever they want to. Therefore the ability to load altered firmware into a device is equivalent to the ability to alter RAM at will. Regards Oliver -- To unsubscribe, e-mail: opensuse-kernel+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-kernel+owner@opensuse.org