Secure boot/signed images and GPL code

Deepak Kodihalli deepak.kodihalli.83 at gmail.com
Wed Nov 4 04:20:07 AEDT 2020


Hi,

Does secure boot on the BMC (I think for my question it doesn't matter
where the hardware root of trust is - it could be on the BMC or an external
chip) or signed images deprive users of rights associated with code in
OpenBMC that is GPL licensed? Meaning, GPL allows users to modify and
distribute the GPL components. I'm not a legal expert, but I understand
from the legal team in my company that these rights are not limited to
making modifications to the GPL code and that they also imply being able to
deploy/boot such modified code; and the problem is secure boot/signed
images would prevent the same. It also looks like this isn't specific to
GPLv3, but GPL in general (for eg GPLv2 clause 6).

How are others dealing with this:
- By having an ability to disable secure boot (I see this as optional in
https://gerrit.openbmc-project.xyz/#/c/openbmc/docs/+/26169/)? What if this
is not an option on a system?
- Other options?
- Do you (or your legal team) view this is only a GPLv3 problem, or not a
problem at all?

Thanks,
Deepak
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20201103/cb993928/attachment.htm>


More information about the openbmc mailing list