Re: Fw: signed kernel modules?

From: David Howells
Date: Thu Oct 14 2004 - 05:19:35 EST

Next message: Rui Nuno Capela: "Re: [patch] Real-Time Preemption, -VP-2.6.9-rc4-mm1-U0"
Previous message: Karel Kulhavy: "i2c-parport, ELV documentation"
In reply to: Rusty Russell (IBM): "Re: Fw: signed kernel modules?"
Next in thread: Rusty Russell (IBM): "Re: Fw: signed kernel modules?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I'd appreciate your opinion on the issue at hand. Is it worth 600 lines
> of ELF verification and canonicalization code so we can strip modules
> without altering the signature?

You have to some of the ELF verification anyway, otherwise your suggested way
is just as pointless. You had included somde code in your example, but what
that did wasn't sufficient either - it can trivially be broken.

I think we should verify the ELF anyway upon module load; it doesn't take very
long, and the data cache works in our favour. This then means we can drop some
checks later on in the module loading because we can trust the ELF to a known
extent.

David
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Rui Nuno Capela: "Re: [patch] Real-Time Preemption, -VP-2.6.9-rc4-mm1-U0"
Previous message: Karel Kulhavy: "i2c-parport, ELV documentation"
In reply to: Rusty Russell (IBM): "Re: Fw: signed kernel modules?"
Next in thread: Rusty Russell (IBM): "Re: Fw: signed kernel modules?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]