Re: [GIT PULL] Kernel lockdown for secure boot

From: Matthew Garrett
Date: Tue Apr 03 2018 - 19:09:47 EST

Next message: Stephen Rothwell: "Re: linux-next: manual merge of the v4l-dvb tree with the asm-generic tree"
Previous message: Linus Torvalds: "Re: [GIT PULL] Kernel lockdown for secure boot"
In reply to: Andy Lutomirski: "Re: [GIT PULL] Kernel lockdown for secure boot"
Next in thread: Linus Torvalds: "Re: [GIT PULL] Kernel lockdown for secure boot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Apr 3, 2018 at 3:53 PM Andy Lutomirski <luto@xxxxxxxxxx> wrote:
> On Tue, Apr 3, 2018 at 3:51 PM, Matthew Garrett <mjg59@xxxxxxxxxx> wrote:
> > Lockdown is clearly useful without Secure Boot (and I intend to deploy
it
> > that way for various things), but I still don't understand why you feel
> > that the common case of booting a kernel from a boot chain that's widely
> > trusted derives no benefit from it being harder to subvert that kernel
into
> > subverting that boot chain. For cases where you're self-signing and feel
> > happy about that, you just set CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT to n
and
> > everyone's happy?

> I would like to see distros that want Secure Boot to annoy users by
> enabling Lockdown be honest about the fact that it's an annoyance and
> adds very little value by having to carry a patch that was rejected by
> the upstream kernel.

I disagree with the assertion that it adds very little value, but if you
want to reject a technically useful patch for political reasons then I'm
well beyond the point of caring.

Next message: Stephen Rothwell: "Re: linux-next: manual merge of the v4l-dvb tree with the asm-generic tree"
Previous message: Linus Torvalds: "Re: [GIT PULL] Kernel lockdown for secure boot"
In reply to: Andy Lutomirski: "Re: [GIT PULL] Kernel lockdown for secure boot"
Next in thread: Linus Torvalds: "Re: [GIT PULL] Kernel lockdown for secure boot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]