[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+55aFxLRaZpBPUwPabmNoYGwTraM0aLv06rNPhstyT3k+hBig@mail.gmail.com>
Date: Thu, 21 May 2015 17:03:04 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: George Spelvin <linux@...izon.com>
Cc: Andy Lutomirski <luto@...capital.net>,
David Howells <dhowells@...hat.com>,
David Woodhouse <dwmw2@...radead.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
LSM List <linux-security-module@...r.kernel.org>,
petkan@...-labs.com, "Theodore Ts'o" <tytso@....edu>,
Mimi Zohar <zohar@...ux.vnet.ibm.com>
Subject: Re: Should we automatically generate a module signing key at all?
On Thu, May 21, 2015 at 4:54 PM, George Spelvin <linux@...izon.com> wrote:
>
> The annoying thing is that it's a two-pass process: the kernel has to
> have the hashes of ALL of the modules to generate the sibling hashes
> for ANY of them.
It's also very annoying because the whole build gets much nastier,
particularly if you want to have modules in external trees.
In short, I don't see any actual *advantages* over just using signed
modules. Signing is much more flexible, and thanks to that extra
indirection (the signing key), there are no ordering constraints on
generating modules vs the kernel.
I realize that people have political objections to signing, but it's
the better technology, for chissake!
Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists