Query for contributing Qualcomm Public Key to Canonical
Jose Ogando
jose.ogando at canonical.com
Mon Sep 30 08:50:37 UTC 2024
For the record, this discussion followed up privately.
On Mon, 2024-09-09 at 15:48 +0530, Shashank Arora wrote:
> Dear Ubuntu Kernel Team,
>
> I am part of the “Qualcomm USB Host Driver Team,” and both our team
> and our customers are Ubuntu users.
>
> We distribute our driver via the Qualcomm Package Manager, but users
> encounter issues during installation when Secure Boot is enabled in
> BIOS/UEFI. Our third-party kernel drivers (Qualcomm USB Host Driver)
> cannot be loaded without being signed with a private key and
> authenticated with the corresponding public key.
>
> This public key must be enrolled in the UEFI Secure Boot key database
> via the “Enroll MOK” option in BIOS/UEFI. While this is a one-time
> process, it becomes impractical when managing over 100 systems, as
> the procedure must be repeated for each one.
>
> Although we are working on upstreaming our driver, the process is
> taking longer than expected.
>
> We would like to explore the possibility of Qualcomm providing the
> public key to Canonical. Once included in the Ubuntu image, users
> would no longer need to manually enroll the public key, allowing them
> to install the QUD Linux driver directly via the Qualcomm server.
>
> We’ve noticed that public keys from vendors like Microsoft and Amazon
> are already included by default in Ubuntu systems. Based on this, we
> believe Qualcomm could contribute the public key officially.
>
> Kindly let us know the needful to proceed further.
>
>
> Best Regards,
> Shashank Arora
>
More information about the kernel-team
mailing list