lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150902000015.GV8051@wotan.suse.de>
Date:	Wed, 2 Sep 2015 02:00:15 +0200
From:	"Luis R. Rodriguez" <mcgrof@...e.com>
To:	Mimi Zohar <zohar@...ux.vnet.ibm.com>
Cc:	David Woodhouse <dwmw2@...radead.org>,
	David Howells <dhowells@...hat.com>,
	Andy Lutomirski <luto@...capital.net>,
	Kees Cook <keescook@...omium.org>,
	"Roberts, William C" <william.c.roberts@...el.com>,
	"linux-security-module@...r.kernel.org" 
	<linux-security-module@...r.kernel.org>,
	linux-kernel@...r.kernel.org, linux-wireless@...r.kernel.org,
	"james.l.morris@...cle.com" <james.l.morris@...cle.com>,
	"serge@...lyn.com" <serge@...lyn.com>,
	Vitaly Kuznetsov <vkuznets@...hat.com>,
	Paul Moore <paul@...l-moore.com>,
	Eric Paris <eparis@...isplace.org>, selinux@...ho.nsa.gov,
	Stephen Smalley <sds@...ho.nsa.gov>,
	"Schaufler, Casey" <casey.schaufler@...el.com>,
	"Luis R. Rodriguez" <mcgrof@...not-panic.com>,
	Dmitry Kasatkin <dmitry.kasatkin@...il.com>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Peter Jones <pjones@...hat.com>, Takashi Iwai <tiwai@...e.de>,
	Ming Lei <ming.lei@...onical.com>, Joey Lee <jlee@...e.de>,
	"Vojtěch Pavlík" <vojtech@...e.com>,
	Kyle McMartin <kyle@...nel.org>,
	Seth Forshee <seth.forshee@...onical.com>,
	Matthew Garrett <mjg59@...f.ucam.org>,
	Johannes Berg <johannes@...solutions.net>,
	Julia Lawall <julia.lawall@...6.fr>,
	Jay Schulist <jschlst@...ba.org>,
	Daniel Borkmann <dborkman@...hat.com>,
	Alexei Starovoitov <ast@...mgrid.com>
Subject: Re: Linux Firmware Signing

On Mon, Aug 31, 2015 at 12:45:36PM -0400, Mimi Zohar wrote:
> On Mon, 2015-08-31 at 17:05 +0100, David Woodhouse wrote:
> > On Mon, 2015-08-31 at 10:18 -0400, Mimi Zohar wrote:
> > > I'm not real happy about it, but since we can't break the existing ABI
> > > of loading data into the kernel via a buffer, a stop gap method of
> > > signing and verifying a buffer would be needed.
> > 
> > Actually I think we can. The usermode helper is already being phased
> > out.
>
> Right.  The discussion has moved beyond just firmware, but to policies
> and other things the kernel consumes.

And I'm saying that if the pitch here is we should be vetting *all* buffers
passed to the kernel I'd agree a generic interface is desriable but more
importantly I think we should get everyone on board first and its not clear
to me that has yet happened.

For the other interfaces were discussing that *did* have an obvious file
descriptor (struct fd), or file (struct file) use it would seem obvious
to try to streamline that and share the code there (modules, firmware, kexec,
initramfs, SELinux policy files), our only issues there were what to do about
file that some distros require to be generated by machines and are machine
specific (SELinux policy file in some cases, initramfs in some others) and
for that Paul had suggested to consider the Machine Owner Key (MOK) -- but now
for buffers.... its news to me we had everyone up in arms in agreement on that
crusade. I didn't even know such crusade existed. I can see why, but was just
not aware there was an effort to streamline a solution.

  Luis
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ