On Fri, Dec 30, 2016 at 11:10 AM, [email protected] <[email protected]> wrote: > On 12/29/2016 04:02 PM, Rusty Bird wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA512 >> >> Trammell Hudson: >>> >>> On Tuesday I presented my work on the Heads firmware at 33C3 and >>> gave Qubes OS (and Joanna's 32C3 tallk) a shout-out. You can watch >>> the video, titled "Bootstrapping a slightly more secure laptop": >> >> This looks really nice, I hope to finally be able to try it soonish. >> >> With Qubes already moving towards open firmware (which probably means >> coreboot in the foreseeable future?), Heads seems like it could be a >> kind of natural successor to AEM and get rid of all the tboot/SINIT >> related headaches. >> >> Has there been any progress in upstreaming the hypervisor patch, now >> that you have a rock solid use case? >> >>> I'd really like to figure >>> out how to pass the secret key from the Heads bootloader to Qubes' >>> initrd in a supported fashion. >> >> If I understand it right, [rd.]luks.key= isn't working as it should? >> I've played around with that a tiny bit and systemd-cryptsetup-generator >> was indeed behaving weirdly, some "out of memory" nonsense. >> >> Rusty >> -----BEGIN PGP SIGNATURE----- >> >> iQJ8BAEBCgBmBQJYZXnKXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w >> ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4NEI1OUJDRkM2MkIxMjlGRTFCMDZEMDQ0 >> NjlENzhGNDdBQUYyQURGAAoJEEadePR6ryrf1/YP/R7PqGlsQIE5vrcnGpg/6vm5 >> udi9Hb629B0sTi1IPK0rHQqJxRJiVvVUQkciMab+KSbzwfxMTFD7A0eufa73ujiE >> dYEOKajP0Avwa8nUMYx9TRpj5S0KqmUmPLBGEGnQbvt3Qg0itsbaAqJsZN9SOM/f >> zDPeYzudR3Bm0H/ExzQ2wKGS0tQ4DWNVi7tOu/j4uW8UBZS2ifF1BX7GjRTA/CWR >> mYI9bx0QcC9XmMeb+gJHznPGR8N9XXjOh1RjqRZu/Db3e5kB7Jet10NQaaM1hO+2 >> Ou3PW4/P35RX232l0EqPq/PwXwoVwx7JIRIVBctX755siTDV1reP4piHYdmn6O9Z >> m8WpfDaPTDSDp73+7NosZE9oydb30iNIBeGaKf4/c7MWfKgh1Y8M0GPMQYWIAxQL >> QxFzIH/gkJ/vWlmtARrgiSrMmMNsOFe1TiXksJc1vnVzXS5nlKV8RQAcREURCb43 >> tSii74nWW11qxPsDa211wl6nH5xV5zS+D4z3/t5l0VjoIR/JB/LmjPuRGvuMWrsW >> 2g/Mtn1qYUS4KiK0zsT/qsebstTz0EXqiokaNhAX50e+BG4nDljftTo8MZzOpndl >> vL9CJ15NwG415KW0tv8gclx6HEUMwnXOEM9mXbNiDjNTKIJ49ZtQSliG6WWhymhO >> P9VL8vcktNT+xDJX6TAZ >> =iDY+ >> -----END PGP SIGNATURE----- >> > Qubes isn't "moving to open firmware", new x86-64 intel and (now) AMD > (ZEN+FM2) processors make real libre firmware impossible with more and more > "security" measures such as FSP, boot guard, ME/PSP, etc. > And before anyone says "but purism", they're lying and entirely full of it > as they will never be able to convince intel to open source anything at all, > if google can't pull it off nobody can. > Blobbed firmware isn't open firmware.
For security purposes, it would be enough if we could get open sources, the blob and a reproducible build, while being able to verify if the original blob came from such reproducible build. This way we can audit the blob and perhaps trust it. Qubes per se does not care about libre or replacing, it cares about security. However Intel has never been conducive to opening the blobs. AMD might be easier to convince, their main problem is maintenance it seems, not lack of will. They used to contribute to Coreboot etc a bunch of years past. Their FSP thing is also based on modern ARM instead of weird custom ARC/SPARC chip, making it slightly easier to work with. Also who knows what kind of backdoors lurk in there. If that is the true reason, then we're plain out of luck. > You have impressive skills, but x86 is dead - even if you manage to somehow > turn a recent x86 device in to a libre firmware platform intel/amd will > simply issue a "fix" with the next hardware release. > My next laptop will be a custom build, stick a non-laptop motherboard in a > DIY case as there aren't any other real options for mobile workstations. That doesn't change anything about the blobs. The latest blob-free hardware you could get is 2012 era for desktops. > The only legitimate option for open source firmware machines at this point > is POWER and (some) ARM, just ultra high end servers and low power devices > (like the novena) Novena in fact is available now, but sadly nobody is making a libre ultrabook like that yet. It's not quite strong enough for certain usages, but those usages rarely require full assurance. The problem is lack of full hardware virtualization yet. The current TrustZone etc. is too limited for what Qubes requires. Paravirtualization would work though. > IBM sells servers only, presumably you could insert a graphics card however > there is also the TALOS project which aims to produce a fully open > (including hardware) POWER8 workstation motherboard (I assume you already > know, but here it is for everyone else) > https://www.crowdsupply.com/raptorcs/talos POWER is way expensive, niche and unsurprisingly much less supported everywhere than ARM. I think it does support hardware virtualization but never had time to play with it. IBM likes their semi-walled garden and loves to sell their own "solutions". -- Radosław Szkodziński -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/CAAmECqSsvCgtD%2BK7v%3DQbacnVM%3Db_BO38G%2BFGD%2BXm_PQC%2BzcYOg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
