Re: Kdump with signed images

From: Vivek Goyal
Date: Thu Nov 08 2012 - 14:45:27 EST

Next message: YAMANE Toshiaki: "[PATCH] staging/media: Use dev_ or pr_ printks in lirc/lirc_sasem.c"
Previous message: Vivek Goyal: "Re: Kdump with signed images"
In reply to: Vivek Goyal: "Re: Kdump with signed images"
Next in thread: Eric W. Biederman: "Re: Kdump with signed images"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Nov 08, 2012 at 02:40:50PM -0500, Vivek Goyal wrote:
> On Tue, Nov 06, 2012 at 03:51:59PM -0800, Eric W. Biederman wrote:
>
> [..]
>
> Thnking more about executable signature verification, I have another question.
>
> While verifyign the signature, we will have to read the whole executable
> in memory. That sounds bad as we are in kernel mode and will not be killed
> and if sombody is trying to execute a malformed exceptionally large
> executable, system will start killing other processess. We can potentially
> lock all the memory in kernel just by trying to execute a signed huge
> executable. Not good.
>

Also, even if we try to read in whole executable, can't an hacker modify
pages in swap disk and then they will be faulted back in and bingo hacker
is running its unsigned code. (assuming root has been compromised otherwise
why do we have to do all this exercise).

Thanks
Vivek
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: YAMANE Toshiaki: "[PATCH] staging/media: Use dev_ or pr_ printks in lirc/lirc_sasem.c"
Previous message: Vivek Goyal: "Re: Kdump with signed images"
In reply to: Vivek Goyal: "Re: Kdump with signed images"
Next in thread: Eric W. Biederman: "Re: Kdump with signed images"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]