Re: [PATCH 00/23] Crypto keys and module signing

From: Lucas De Marchi
Date: Thu Jun 21 2012 - 23:30:57 EST

Next message: Bjorn Helgaas: "Re: Initializing iwl3945 error"
Previous message: Dave Chinner: "Re: mount stuck, khubd blocked"
In reply to: Greg KH: "Re: [PATCH 00/23] Crypto keys and module signing"
Next in thread: Rusty Russell: "Re: [PATCH 00/23] Crypto keys and module signing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

Sorry to jump into this discussion only now, but
linux-modules@xxxxxxxxxxxxxxx was not CC'ed and I was not following
LKML last month.

On Thu, Jun 21, 2012 at 10:53 PM, Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
> On Sun, May 27, 2012 at 03:11:23PM +0930, Rusty Russell wrote:
>> > > > Why would you want multiple signatures? ÂThat just complicates things.
>> > >
>> > > The code above stays pretty simple; if the signature fails, you set size
>> > > to i, and loop again. ÂAs I said, if you know exactly how you're going
>> > > to strip the modules, you can avoid storing the stripped module and
>> > > simply append both signatures.
>> >
>> > You still haven't justified it. ÂOne of your arguments about rejecting the ELF
>> > parsing version was that it was too big for no useful extra value that I could
>> > justify. ÂSupporting multiple signatures adds extra size and complexity for no
>> > obvious value.
>>
>> One loop is a lot easier to justify that the ELF-parsing mess. ÂAnd it
>> can be done in a backwards compatible way tomorrow: old kernels will
>> only check the last signature.
>>
>> I had assumed you'd rather maintain a stable strip util which you can
>> use on kernel modules than rework your module builds. ÂI guess not.
>
> To dig an old thread up, but what really is wrong with the original ELF
> section stuff? ÂWhy encode "magic" values on the end of the kernel
> module that then require all userspace tools to be modified in order to
> properly handle this?
>
> When I first did this so many many years ago an elf section made it so
> easy to handle. ÂUserspace didn't need to be modified, and everyone
> knows how to handle elf sections, even the kernel does :)

Indeed. What's wrong with creating an ELF section for this and let
kernel deal with it? I fail to see the need for init_module2()

I need to catch up with this discussion though since I was not aware of that.

Lucas De Marchi

>
> And I think we really want the ability to have multiple signatures, the
> whole "chain of trust" thing that is needed will work out much better if
> multiple signatures are allowed. ÂPutting it in an elf section allows
> this to work out easier, right?
>
> confused,

me too.

Lucas De Marchi
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Bjorn Helgaas: "Re: Initializing iwl3945 error"
Previous message: Dave Chinner: "Re: mount stuck, khubd blocked"
In reply to: Greg KH: "Re: [PATCH 00/23] Crypto keys and module signing"
Next in thread: Rusty Russell: "Re: [PATCH 00/23] Crypto keys and module signing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]