Re: [PATCH] Fix kexec forbidding kernels signed with custom platform keys to boot
From: Linus Torvalds
Date: Wed Aug 15 2018 - 17:14:42 EST
On Wed, Aug 15, 2018 at 2:08 PM Yannik Sembritzki <yannik@xxxxxxxxxxxxx> wrote:
>
> IMO, this is not okay. The layer of trust should extend from the bottom
> (user-provisioned platform key) up. Only trusting the kernel builtin key
> later on (wrt. kernel modules) contradicts this principal.
This module loading case is not about trusting the *key*.
This is about trusting the *build system*.
For example, I build my kernels with one single randomly generated key
(that gets deleted afterwards). The modules get built with that key
too.
No amount of added keys later will make a module valid to load.
Linus