lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20130226030249.GB23834@kroah.com>
Date:	Mon, 25 Feb 2013 19:02:49 -0800
From:	Greg KH <gregkh@...uxfoundation.org>
To:	Matthew Garrett <mjg59@...f.ucam.org>
Cc:	David Howells <dhowells@...hat.com>,
	Florian Weimer <fw@...eb.enyo.de>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Josh Boyer <jwboyer@...hat.com>,
	Peter Jones <pjones@...hat.com>,
	Vivek Goyal <vgoyal@...hat.com>,
	Kees Cook <keescook@...omium.org>, keyrings@...ux-nfs.org,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [GIT PULL] Load keys from signed PE binaries

On Tue, Feb 26, 2013 at 02:33:32AM +0000, Matthew Garrett wrote:
> On Mon, Feb 25, 2013 at 04:59:55PM -0800, Greg KH wrote:
> 
> > Wait right here.  This is NOT mandated by UEFI, nor by anyone else.  It
> > might be a nice thing that some people and companies want to implement,
> > but please don't think that some external entity is requiring that Linux
> > implement this, that is not true.
> 
> Oh, come on Greg. Allowing unsigned modules allows loading arbitrary 
> code into the kernel, and allowing arbitrary code into the kernel means 
> that the kernel can be used to directly boot a modified copy of the 
> Windows kernel. Avoiding that scenario is *explicitly* mandated by 
> Microsoft.

Then why is the signed shim is currently being used by successfully by
distros that do not use signed kernel modules?

> We can avoid it by either not using Microsoft as the root of 
> trust or by requiring explicit key installation during the OS install 
> process, but both of those make OS installation more difficult. If we 
> want Linux to Just Work out of the box on Microsoft-certified hardware, 
> this is one of the rules we have to live by.

I don't see that being required in the wording for the Microsoft signing
authority, and in personal discussions with them, they say it would be
nice, but they can't force the issue.  Where does it say this in the
agreement specifically?

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ