
Why not just chainload grub?


Posted Jun 22, 2012 21:54 UTC (Fri) by raven667 (subscriber, #5198)
In reply to: Why not just chainload grub? by cjb
Parent article: Details on Ubuntu's UEFI secure boot plan

> GPLv3 source request with *any keys*

I don't believe this is true; GPLv3 only requires that the user has the ability to replace installed binaries with their own modified versions. It's not specific as to how this is accomplished. The simplest and most effective way would be to provide for key management or disabling by the end user.

If anyone ever asked me, I'd suggest that one way for manufacturers to accomplish GPLv3 compliance in this regard would be to tie the boot loader verification to some tamper-evident seal inside the unit. If you break the seal, then you can load your own keys or disable the boot lock, and it's clear that the device software is now your responsibility and not the manufacturer's. This might also disable any DRM-encumbered software on the box, like media players. That seems to be a win-win: manufacturers can safely ship GPLv3 software and users have full control over their devices.



Why not just chainload grub?

Posted Jun 28, 2012 10:38 UTC (Thu) by jschrod (subscriber, #1646)

> > GPLv3 source request with *any keys*

> I don't believe this is true.

According to this week's Security page feature article, the FSF says that it's probably true. Thus, I can understand that Canonical is careful.

Why not just chainload grub?

Posted Jun 29, 2012 7:02 UTC (Fri) by raven667 (subscriber, #5198)

That is a horrible FAQ entry and could really use some further elaboration. The way the FAQ explains it undercuts the GPLv3 and inadvertently provides FUD for detractors to throw around.

http://www.gnu.org/licenses/gpl-faq.html#GiveUpKeys

Their secure boot specific FAQ doesn't say anything like that and specifically references Matt Garrett's documents on the matter. Fedora obviously doesn't think there is anything wrong with signing a GPLv3 GRUB2 and the FSF links to it as their explanation.

http://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/

There is another thread along the same lines here: https://lwn.net/Articles/504015/. A vendor shipping a signed, boot-locked, GPLv3 GRUB2 would be a pirate, distributing without a valid copyright license. There are many ways to resolve that (recalling/refund/RMA of hardware, a firmware update, etc.), where disclosing the private signing keys is the least likely method to achieve compliance, although it is a valid one.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds