[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 04 Apr 2018 16:22:06 +0000
From: Matthew Garrett <mjg59@...gle.com>
To: tytso@....edu, David Howells <dhowells@...hat.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
luto@...nel.org, Ard Biesheuvel <ard.biesheuvel@...aro.org>,
jmorris@...ei.org, Alan Cox <gnomes@...rguk.ukuu.org.uk>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
jforbes@...hat.com, linux-man@...r.kernel.org, jlee@...e.com,
LSM List <linux-security-module@...r.kernel.org>,
linux-api@...r.kernel.org, Kees Cook <keescook@...omium.org>,
linux-efi <linux-efi@...r.kernel.org>
Subject: Re: [GIT PULL] Kernel lockdown for secure boot
On Wed, Apr 4, 2018 at 6:52 AM Theodore Y. Ts'o <tytso@....edu> wrote:
> On Wed, Apr 04, 2018 at 02:33:37PM +0100, David Howells wrote:
> > Theodore Y. Ts'o <tytso@....edu> wrote:
> >
> > > Whoa. Why doesn't lockdown prevent kexec? Put another away, why
> > > isn't this a problem for people who are fearful that Linux could be
> > > used as part of a Windows boot virus in a Secure UEFI context?
> >
> > Lockdown mode restricts kexec to booting an authorised image (where the
> > authorisation may be by signature or by IMA).
> If that's true, then Matthew's assertion that lockdown w/o secure boot
> is insecure goes away, no?
If you don't have secure boot then an attacker with root can modify your
bootloader or kernel, and on next boot lockdown can be silently disabled.
Powered by blists - more mailing lists