kexec_load(2) bypasses signature verification
Theodore Ts'o
tytso at mit.edu
Mon Jun 15 06:17:28 PDT 2015
On Mon, Jun 15, 2015 at 08:14:19AM -0400, Josh Boyer wrote:
> Yes, which is why most of the distro vendors carry an out-of-tree
> patch that disables the old kexec in an SB setup. It would be nice if
> we could merge said patches. However, they depend on Matthew's
> secure_modules/trusted_kernel/<whatever name that works> patchset
> which has gotten little movement since we came up with a tentative
> agreement at LPC 2013.
Signed modules is in, though, right? And the fact that we have
CONFIG_SIGNED_PE_FILE_VERIFICATION means we're doing unatural file
signatures w/o using ELF, which I thought was the basis of Linus's
accusation that Red Hat was performing intimate/physical acts with
Microsoft. :-)
I would have thought those were the nasty bits to get in; out of
curiosity, what's still missing?
Regards,
- Ted
More information about the kexec
mailing list