Trusted kernel patchset for Secure Boot lockdown

From: Matthew Garrett
Date: Wed Feb 26 2014 - 15:12:09 EST

Next message: Matthew Garrett: "[PATCH 08/12] kexec: Disable at runtime if trusted_kernel is true"
Previous message: Matthew Garrett: "[PATCH 09/12] uswsusp: Disable when trusted_kernel is true"
Next in thread: Matthew Garrett: "[PATCH 09/12] uswsusp: Disable when trusted_kernel is true"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The conclusion we came to at Plumbers was that this patchset was basically
fine but that Linus hated the name "securelevel" more than I hate pickled
herring, so after thinking about this for a few months I've come up with
"Trusted Kernel". This flag indicates that the kernel is, via some
external mechanism, trusted and should behave that way. If firmware has
some way to verify the kernel, it can pass that information on. If userspace
has some way to verify the kernel, it can set the flag itself. However,
userspace should not attempt to use the flag as a means to verify that the
kernel was trusted - untrusted userspace could have set it on an untrusted
kernel, but by the same metric an untrusted kernel could just set it itself.

If people object to this name then I swear to god that I will open a poll
on Phoronix to decide the next attempt and you will like that even less.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Matthew Garrett: "[PATCH 08/12] kexec: Disable at runtime if trusted_kernel is true"
Previous message: Matthew Garrett: "[PATCH 09/12] uswsusp: Disable when trusted_kernel is true"
Next in thread: Matthew Garrett: "[PATCH 09/12] uswsusp: Disable when trusted_kernel is true"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]