1. The firmware is non-subvertible
2. The firmware boots a known, signed OS (e.g. SecureBoot)
The signed OS can *still* be persistently subverted at runtime if:
a. There exists a privilege escalation bug in the signed OS
b. There exists a privilege escalation bug in the signed OS involving the automatic parsing of some data (e.g. configuration).
c. That data can be persistently modified (i.e. you can modify/add files)
Anyone who has followed security news over the years would be unlikely to want to wager much on the non-existence of b, and a and c definitely exist.
Just signing the static code that booted is *not enough* to give you a guarantee that your signed OS cannot be persistently modified. Claiming, e.g., SecureBoot can do so is just fundamentally wrong.
Copyright © 2017, Eklektix, Inc.