Fedora ARM and SecureBoot

Andrew Haley aph at redhat.com
Fri Jun 8 17:14:54 UTC 2012


On 06/08/2012 05:42 PM, Adam Jackson wrote:
> On Fri, 2012-06-08 at 16:29 +0100, Andrew Haley wrote:
>> On 06/08/2012 04:24 PM, Adam Jackson wrote:
>>> And?  I wasn't speaking to "we should sign our arm images with
>>> Microsoft's key", I was speaking to "we should support Secure Boot on
>>> arm".  If someone wants to build an arm machine with SB support capable
>>> of running non-Windows operating systems, why would we not want to run
>>> there, and why would enabling that look any different from self-signing
>>> an x86 machine?
>>
>> Forgive me if I'm missing something, but surely the reason we would
>> not want to run there is that our users would not be able to do so
>> as well: they wouldn't be able to modify our kernel and run it on
>> their machine.
> 
> I chose my words carefully.  I think you're hearing "Secure Boot on arm"
> and concluding "immutable Secure Boot configuration", which to my
> knowledge is not a given.  It's a given for machines that will ship with
> Windows for arm on them, and one can choose to be angry at Microsoft for
> that I suppose, but that's not necessarily a statement about the broader
> arm ecosystem.
>
> Personally I really like the idea of establishing my own trust chain on
> my own machines.  I like the idea that I can get the assurance that my
> firmware hasn't been rooted _and_ not rely on anyone else's cert safety
> practices but my own.  If I'm the sort of person who's taking my
> computer into hostile territory - insert oppressive government of choice
> here - that level of trust is potentially life saving.

I have no objection to such a secure boot either.

> And - though it pains me that this next thought might actually be
> unpopular, though closer investigation might reveal that I'm giving the
> feature too much credit, and without considering or conceding whether
> such a machine would be non-free - I'm pretty sure I am willing to
> sacrifice a minor technical point of software freedom for real gains in
> human freedom.

I suppose I don't know what minor technical point of software freedom
you're talking about.  I presume it's not the freedom to change a
program so it does your computing as you wish, which is scarcely a
minor anything.

> Software freedom is a means, not an end.
> 
> Microsoft's requirements for SB on x86 enable that kind of trust for
> Linux (and for anyone else who wants it).  It's possible to build arm
> machines the same way; they won't be able to run Windows, but whatever,
> as if I want to run Windows anyway.  If arm machines like that were to
> exist, why _wouldn't_ we want to support them?  For that matter, why
> would we not want to enable building them?

As long as the technology isn't used to bind users, no reason at all.

Andrew.

