Query for contributing Qualcomm Public Key to Canonical
Shashank Arora
quic_shasaror at quicinc.com
Mon Sep 9 10:18:25 UTC 2024
Dear Ubuntu Kernel Team,
I am part of the “Qualcomm USB Host Driver Team,” and both our team and our customers are Ubuntu users.
We distribute our driver via the Qualcomm Package Manager, but users encounter issues during installation when Secure Boot is enabled in BIOS/UEFI. Our third-party kernel drivers (Qualcomm USB Host Driver) cannot be loaded without being signed with a private key and authenticated with the corresponding public key.
This public key must be enrolled in the UEFI Secure Boot key database via the “Enroll MOK” option in BIOS/UEFI. While this is a one-time process, it becomes impractical when managing over 100 systems, as the procedure must be repeated for each one.
Although we are working on upstreaming our driver, the process is taking longer than expected.
We would like to explore the possibility of Qualcomm providing the public key to Canonical. Once included in the Ubuntu image, users would no longer need to manually enroll the public key, allowing them to install the QUD Linux driver directly via the Qualcomm server.
We’ve noticed that public keys from vendors like Microsoft and Amazon are already included by default in Ubuntu systems. Based on this, we believe Qualcomm could contribute the public key officially.
Kindly let us know the needful to proceed further.
Best Regards,
Shashank Arora
More information about the kernel-team
mailing list