From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: David Howells <dhowells@redhat.com>
Cc: Rusty Russell <rusty@rustcorp.com.au>,
linux-security-module@vger.kernel.org,
Dmitry Kasatkin <dmitry.kasatkin@intel.com>,
linux-kernel@vger.kernel.org, Mimi Zohar <zohar@us.ibm.com>
Subject: Re: [RFC][PATCH 1/2] modsig: add support to sign kernel modules using ephemeral keys
Date: Tue, 04 Dec 2012 14:11:43 -0500 [thread overview]
Message-ID: <1354648303.2652.21.camel@falcor> (raw)
In-Reply-To: <22345.1354644867@warthog.procyon.org.uk>
On Tue, 2012-12-04 at 18:14 +0000, David Howells wrote:
> Rusty Russell <rusty@rustcorp.com.au> wrote:
>
> > > +PHONY += _newmodpubkey_
> > > +_newmodpubkey_:
> > > + @rm -f $(MODSECKEY) $(MODPUBKEY)
> > > + $(Q)$(MAKE) -W kernel/modsign_pubkey.o
>
> Please don't do this. It can muck up the dependencies as make thinks it has
> already done this file at this point. Also, rebuilding bzImage yet again
> wouldn't be the best. We already do it a number of times. Further, if
> vmlinux is already installed when you rebuild, you may confuse gdb if the
> debuginfo then no longer matches vmlinux.
> You have to expose the private key *anyway* - so how much does this actually
> gain you? Especially with a one-shot transient key.
The issue is creating a new keypair is tied to modsign_pubkey. This
patch forces the creation of a new keypair, by removing the existing
one, compiles modsign_pubkey.o, and rebuilds the bzImage, and only then
signs the kernel modules and removes the private key. The benefits of
defining a separate target to generate a keypair are described in the
patch description.
Mimi
prev parent reply other threads:[~2012-12-04 19:11 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-11-26 14:23 [RFC][PATCH 1/2] modsig: add support to sign kernel modules using ephemeral keys Mimi Zohar
2012-11-26 14:23 ` [RFC][PATCH 2/2] modsig: differentiate between ephemeral and persistent key names Mimi Zohar
2012-12-03 1:26 ` Rusty Russell
2012-12-03 4:09 ` Mimi Zohar
2012-12-03 1:19 ` [RFC][PATCH 1/2] modsig: add support to sign kernel modules using ephemeral keys Rusty Russell
2012-12-04 18:14 ` David Howells
2012-12-04 19:11 ` Mimi Zohar [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1354648303.2652.21.camel@falcor \
--to=zohar@linux.vnet.ibm.com \
--cc=dhowells@redhat.com \
--cc=dmitry.kasatkin@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=rusty@rustcorp.com.au \
--cc=zohar@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.