Re: [GIT PULL] Asymmetric keys and module signing

From: Geert Uytterhoeven
Date: Fri Sep 28 2012 - 02:27:29 EST

Next message: Stephen Rothwell: "linux-next: build failure after merge of the akpm tree"
Previous message: Raghavendra K T: "Re: [PATCH RFC 1/2] kvm: Handle undercommitted guest case in PLEhandler"
In reply to: Rusty Russell: "Re: [GIT PULL] Asymmetric keys and module signing"
Next in thread: David Howells: "Re: [GIT PULL] Asymmetric keys and module signing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Sep 26, 2012 at 5:46 AM, Rusty Russell <rusty@xxxxxxxxxxxxxxx> wrote:
> You previously wrote:
>> You can't compare them that easily. One has a FIPS-mode panic and the other
>> doesn't. Do we want to panic if we reject an unsigned module in enforcing
>> mode when we're in FIPS mode?
>
> It's a line ball, but I think consistency wins. Not a validly signed
> module => panic.

Just wondering, what's the advantage of doing panic over just
rejecting the module?
Panic is a DoS?

Gr{oetje,eeting}s,

Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Stephen Rothwell: "linux-next: build failure after merge of the akpm tree"
Previous message: Raghavendra K T: "Re: [PATCH RFC 1/2] kvm: Handle undercommitted guest case in PLEhandler"
In reply to: Rusty Russell: "Re: [GIT PULL] Asymmetric keys and module signing"
Next in thread: David Howells: "Re: [GIT PULL] Asymmetric keys and module signing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]