Re: Proposal for stage-1 boot loader for use with SecureBoot [Re: [Long] UEFI support]
On Fri, 6 Jul 2012, Rick Thomas <rbthomas@pobox.com> wrote:
> We need a "stage-1" boot loader, signed by somebody trusted (FSF?
> SFLC?) with a key that will be recognized by the SecureBoot BIOS.
> This is an un-changable binary blob, so it can't be GPL (is this a
> problem?)
There is no reason why GPL source can't be used for an unchangable binary. As
long as the source is supplied then it's not a problem.
Every Debian package is an unchangable binary, we don't change binaries we
just replace them with newer versions.
There is a huge range of embedded devices with the Linux kernel (and other GPL
software) in ROM which almost never get updated. A Linux kernel in a mobile
phone which has a locked boot loader is no different in terms of license from
a secure boot loader under the GPL.
Using GPL licensed software to enforce signature checks is not a problem
either. We have GPG (and many other programs) for checking signatures and
doing encryption and we have SE Linux (and many other options) for access
control.
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
Reply to: