Random comments on LinuxBIOS
Eric W. Biederman
ebiederman at lnxi.com
Thu Apr 17 02:52:00 CEST 2003
ollie lho <ollie at sis.com.tw> writes:
>
> Wow !! It is really a patent evil. Prof Arbaugh invented the patent
> but assigned it to U of Penn such that he and/or his student can not
> do some things related in U of Maryland ??
I wonder if there is enough wiggle room in there to walk around the
patent in a LinuxBIOS scenario. Our standing assumptions are quite
different, and there are some of the pieces suggested that have much
cleaner alternatives.
As I slowly digest the ideas I have a very hard time with the idea
of signing a boot block, and believing that will provide some measure
of security and trust. At that point there is software chaining but
more than that there is not enough room in a boot block to verify
the loaded operating system. Unless someone is a lot more creative
with 512 bytes that I am.
Quite a few of the pieces I know it is safe to write and deploy
while they do not compose a complete solution. Teaching etherboot
about IPsec is totally outside the scope of the patent, for example.
Though for Bill and his students there may be some good faith with
the university system that keeps them from exercising all of their
options.
Eric
More information about the coreboot
mailing list