Risks of Using Linux OS with Enabled Firmware Update Mechanism (Linux Vendor Firmware Service)

Abstract

The article discusses the mechanism for updating the built-in software (firmware) in distributions of the Linux operating system (OS). Considering the import "substitution strategy" in Russia proposed in technology sector and the active transition to this OS, including in solutions related to the digitalization of the energy sector, the problem of additional control over the firmware update process, incl. in used domestic distributions (AstraLinux, AltLinux). At the moment most popular mechanism of automatic firmware update is Linux Vendor Firmware Service (LVFS), article includes brief description of its update process. Using software developed for complete monitoring LVFS metadata were found multiply inconsistencies of current scheme of firmware update — deleting of files from index, replacement of already uploaded images with same id. Also basing on client agent metadata it is possible to organize targeted substitution of binary images transferred by service directly to hardware bypassing built-in monitoring tools. Finally it is concluded that there are potential vulnerabilities in this mechanism and a solution is proposed in the form of organizing own service with additional layer for verification of "firmware" during process of its distribution. If scheme with additional security layer over base of popular and well proved by practice LVFS will be successful it can be used in industrial applications with including in future in appropriate standards as reference model.