Re: [GIT PULL] Kernel lockdown for secure boot

From: Matthew Garrett
Date: Wed Apr 04 2018 - 16:18:56 EST


On Wed, Apr 4, 2018 at 1:01 PM Thomas Gleixner <tglx@xxxxxxxxxxxxx> wrote:
> Now where the disagreement lies is the way how the uid/ring0 aspect is tied
> to secure boot, which makes it impossible to be useful independent of
> Secure Boot.

It doesn't - you can pass a command line parameter that enables it, or your
bootloader can set the bootparams flag. I don't see a fundamental problem
with offering the opportunity to change it at runtime, other than that some
stuff that was previously initialised may have to be torn down. The reason
for having the UEFI boot stub *optionally* check the secure boot state
itself and make a policy decision (rather than having the signed bootloader
do so) is because the kernel can be launched directly by the firmware.