Re: [RFC] First attempt at kernel secure boot support

From: Pavel Machek
Date: Mon Oct 01 2012 - 17:07:32 EST


On Tue 2012-09-04 17:12:56, Matthew Garrett wrote:
> On Tue, Sep 04, 2012 at 05:08:53PM +0100, Alan Cox wrote:
> > On Tue, 4 Sep 2012 11:55:06 -0400
> > Matthew Garrett <mjg@xxxxxxxxxx> wrote:
> >
> > > The UEFI Secure Boot trust model is based on it not being possible for a
> > > user to cause a signed OS to boot an unsigned OS
> >
> > Unfortunately you can't fix this at kernel level because an untrusted
> > application can at GUI level fake a system crash, reboot cycle and phish
> > any basic credentials such as passwords for the windows partition.
>
> Any well-designed software asking for credentials should already be
> requiring a SAK, so in that case we just need to implement sensible SAK
> support in Linux.

So... the "secure" boot specification also describes what the SAK is?
It has to be the same on all the operating systems to be effective.

And... you'd need to put SAK functionality into the kernel. (Currently
SAK only notifies the _root_ user. You'd need to implement SAK
functionality displaying a penguin with a "This is not Windows"
message... in the kernel.)

Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
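Since the thread turns on whether the Linux SAK is even reachable on a given machine, here is an added example (not part of the original thread or of any kernel code) that decodes the /proc/sys/kernel/sysrq mask, whose bit values are documented in Documentation/admin-guide/sysrq.rst (1 enables everything, 4 enables keyboard control including SAK), and reports whether the Secure Attention Key is enabled. The function name and the fallback sample value are assumptions for this illustration.

```shell
#!/bin/sh
# Added example, not from the thread: report whether the kernel's Secure
# Attention Key (Alt+SysRq+K) is enabled, judging from the sysrq mask.
# Mask semantics per Documentation/admin-guide/sysrq.rst:
#   0 = disable all sysrq functions
#   1 = enable all sysrq functions
#   >1 = bitmask; bit 4 = control of keyboard (SAK, unraw)
SYSRQ_SAK_BIT=4

# sak_enabled MASK: prints "yes", "no" or "unknown" (for non-numeric input)
sak_enabled() {
    mask="$1"
    case "$mask" in
        ''|*[!0-9]*) echo unknown; return 0 ;;   # not a plain decimal number
    esac
    if [ "$mask" -eq 0 ]; then
        echo no
    elif [ "$mask" -eq 1 ]; then
        echo yes
    elif [ $(( $mask & SYSRQ_SAK_BIT )) -ne 0 ]; then
        echo yes
    else
        echo no
    fi
}

# Use the live value when running on Linux; otherwise fall back to a
# constructed sample (sync + remount-ro + reboot allowed, keyboard control not).
if [ -r /proc/sys/kernel/sysrq ]; then
    current=$(cat /proc/sys/kernel/sysrq)
else
    current=176   # constructed sample value
fi
printf 'sysrq mask %s: SAK enabled = %s\n' "$current" "$(sak_enabled "$current")"
```

Run it as root or any user that can read /proc/sys/kernel/sysrq; a "no" means the in-kernel SAK the discussion relies on cannot be triggered from the keyboard on that system, regardless of what userspace does.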