| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1378657487.2300.10.camel@x230> Date: Sun, 8 Sep 2013 16:24:47 +0000 From: Matthew Garrett <matthew.garrett@...ula.com> To: Greg KH <gregkh@...uxfoundation.org> CC: Kees Cook <keescook@...omium.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>, "hpa@...or.com" <hpa@...or.com> Subject: Re: [PATCH V3 08/11] kexec: Disable at runtime if the kernel enforces module loading restrictions On Sun, 2013-09-08 at 09:18 -0700, Greg KH wrote: > I want both, but I don't need signed kexec support because I want to use > kexec for a program that I "know" is correct because I validated the > disk image it was on before I mounted it. We already have other ways to > "verify" things without having to add individual verification of > specific pieces. The kernel has no way to know that your kexec payload is coming from a verified image. It'll just as happily take something from an unverified image. If you've ensured that there's no way an attacker can call kexec_load() on an unverified image, then you don't need signed modules. -- Matthew Garrett <matthew.garrett@...ula.com>
Powered by blists - more mailing lists