Re: kexec_load(2) bypasses signature verification
From: Dave Young
Date: Thu Jun 25 2015 - 04:48:39 EST
On 06/19/15 at 09:09am, Vivek Goyal wrote:
> On Fri, Jun 19, 2015 at 04:18:16PM +0800, Dave Young wrote:
> > > > If we want to disable unsigned kernel loading at compile time, then we
> > > > really need to work on decoupling CONFIG_KEXEC and CONFIG_FILE_KEXEC.
> > > > Introducing another config option is not the way forward, IMHO.
> > >
> > > Yes, let's do it in this way since everyone is fine with it.
> >
> > I will work on a patch if nobody else have interest or no time on it.
>
> Thanks Dave. Will be good if you can get this done.
Vivek, I worked out some draft patches here:
https://github.com/daveyoung/linux/commits/kexec-syscall-cleanup
Basiclly I split kexec_file first, then add CONFIG_KEXEC_CORE kconfig option
then split kexec_load code from general code.
There's a lot of #ifdef CONFIG_KEXEC in kernel source, because CONFIG_KEXEC
can be disabled so I changed all kernel general and x86 #ifdef to use
CONFIG_KEXEC_CORE if necessary. For other arches dependent code with #ifdef
I did not change anything other than the new Kconfig option. It will works
because only x86 support KEXEC_FILE.
Please take a look if you have time, if this is not what you want please let
me know.
I will have no time this week, only did building test, will do more test next
week, if everything is ok I can send out the patches to list for review.
Thanks
Dave
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/