Re: Trusted kernel patchset

From: Jiri Kosina
Date: Mon Mar 16 2015 - 17:55:36 EST


On Mon, 16 Mar 2015, Matthew Garrett wrote:

> > - All suspend/resumes allow modifying the kernel. I can boot Linux
> > suspend, boot windows, modify the Linux restore image, boot Linux and
> > own the box. You would need to sign the resume image somehow I think or
> > just disable all suspend/resume
>
> I'm kind of torn on this - yes, there are deployment scenarios where
> hibernation can be used to circumvent the restrictions, but there are
> also scenarios where that can be avoided (eg, the bootloader verifies
> some state with respect to the hibernation image).

[ adding Joey to CC ]

Just for completness -- there is a way around this:

https://lkml.org/lkml/2013/9/14/183

The series is not really the optimal one, as Alan Stern later figured out
that symmetric cryptography is strong enough to achieve the same goal, but
I am not sure whether Joey implemented that idea already.

--
Jiri Kosina
SUSE Labs

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/