Random comments on LinuxBIOS

Adam Agnew agnew at cs.umd.edu
Thu Apr 17 10:29:00 CEST 2003

On 17 Apr 2003, Eric W. Biederman wrote:

> ollie lho <ollie at sis.com.tw> writes:
> >
> > Wow !! It is really a patent evil. Prof Arbaugh invented the patent
> > but assigned it to U of Penn such that he and/or his student can not
> > do some things related in U of Maryland ??
> I wonder if there is enough wiggle room in there to walk around the
> patent in a LinuxBIOS scenario.  Our standing assumptions are quite
> different, and there are some of the pieces suggested that have much
> cleaner alternatives.
> As I slowly digest the ideas I have a very hard time with the idea
> of signing a boot block, and believing that will provide some measure
> of security and trust.  At that point there is software chaining but
> more than that there is not enough room in a boot block to verify
> the loaded operating system.  Unless someone is a lot more creative
> with 512 bytes that I am.

I can't think of a way to sign a boot block either. That's why its nice to
just load the linux kernel as an elf image. When you start booting
expansion roms, loading bootloaders from boot sectors, booting off of
floppies, loading Windows.. it gets a lot fuzzier..

> Quite a few of the pieces I know it is safe to write and deploy
> while they do not compose a complete solution.  Teaching etherboot
> about IPsec is totally outside the scope of the patent, for example.
> Though for Bill and his students there may be some good faith with
> the university system that keeps them from exercising all of their
> options.


More information about the coreboot mailing list