lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Sat, 19 May 2012 10:23:05 +0930
From:	Rusty Russell <rusty@...tcorp.com.au>
To:	David Howells <dhowells@...hat.com>
Cc:	kyle@...artin.ca, linux-kernel@...r.kernel.org,
	linux-security-module@...r.kernel.org, keyrings@...ux-nfs.org
Subject: Re: [PATCH 00/29] Crypto keys and module signing [ver #4]

On Fri, 11 May 2012 00:39:01 +0100, David Howells <dhowells@...hat.com> wrote:
> 
> Hi Rusty,
> 
> Here's my latest take on my module signing patch set.  I've retained my
> strip-proof[*] signature-in-module concept, but I've shrunk the module
> verification code by nearly half.  Its .text segment now stands at just over 2K
> in size for an x86_64 kernel.

Hi David!

        I get it.  Some management bigwig at RH has told you to get this
patch in, right?  And you told them it'd had been Nacked, that the
maintainer had said it was never going in, and of course, that it was a
stupid idea and to give up on the idea of stripping modules after
signing, and just append a magic marker and the signature.

        But they just wouldn't listen, would they?  So you had to waste
your time polishing this turd, until you annoy me enough to get the kind
of flaming rejection which is visible from space and chars the eyeballs
of your manager so they understand.

        Well, here it is.  I even put it in caps for you!

NAK.  THIS PATCH WILL NEVER, EVER GO IN.  I AM NOT PUTTING CRAP IN THE
KERNEL BECAUSE RH CAN'T FIGURE OUT HOW TO PRODUCE STRIPPED VERSIONS OF
MODULES DURING BUILD.  DON'T BE TOO PROUD OF THIS TECHNOLOGICAL TERROR
YOU'VE CONSTRUCTED.

I look forward to you updated patch series!
Rusty.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ