Re: [RFC 2/2] initramfs with digital signature protection

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Vivek Goyal <vgoyal@redhat.com>
To: "Kasatkin, Dmitry" <dmitry.kasatkin@intel.com>
Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [RFC 2/2] initramfs with digital signature protection
Date: Mon, 11 Feb 2013 16:59:29 -0500	[thread overview]
Message-ID: <20130211215929.GB24936@redhat.com> (raw)
In-Reply-To: <CALLzPKZpzDY0b_GvYgiKWeu1KFeLqyfKaKzBbiw8ze6ssE2N6Q@mail.gmail.com>

On Fri, Feb 08, 2013 at 03:27:30PM +0200, Kasatkin, Dmitry wrote:
> >>
> >> Dmitry,
> >>
> >> How do we make sure that this is the first call to user mode helpers. I
> >> see that we first unpacked unsigned initramfs. Then after a while we
> >> unpacked signed initramfs on /root and did a chroot. But now there is
> >> a window before chroot, where kernel might call into /sbin/hotplug or
> >> /sbin/modprobe from unsigned initramfs?
> >>
> >> Specifically, I put some printk and I am seeing calls to /sbin/hotplug
> >> before we even unpacked signed initramfs.
> >
> 
> I did some experiments and made this  patch which prevents launching
> of user mode helpers before pre-init from signed image is executed.
> 
> I do not know if this is the right way to do it, but at least it works for me.
> The whole idea of these patches is to allow simple usage of signed image,
> without the need to modify kernel parameters (0 block) and boot loaders....
> 
> --------------------------------------------------------------------------------------------------
> commit a99eaa06ab142906da67800423425b7c5def0a3e
> Author: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
> Date:   Fri Feb 8 15:05:22 2013 +0200
> 
>     initramfs_sig: prevent usermode helpers before signed image is executed
> 
>     This patch prevents execution of user mode helper before /pre-init
>     is executed.
> 
>     Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>

Yep. This seems to have blocked the calls going out to user space and
returns with -EBUSY

Thanks
Vivek

     prev parent reply	other threads:[~2013-02-11 21:59 UTC|newest]

Thread overview: 41+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-02-05 12:34 [RFC 0/2] initramfs with digital signature protection Dmitry Kasatkin
2013-02-05 12:34 ` [RFC 1/2] export unpack_to_rootfs Dmitry Kasatkin
2013-02-05 16:48   ` Peter Jones
2013-02-05 17:16     ` Kasatkin, Dmitry
2013-02-08  8:30       ` Kasatkin, Dmitry
2013-02-05 12:34 ` [RFC 2/2] initramfs with digital signature protection Dmitry Kasatkin
2013-02-05 18:03   ` Peter Jones
2013-02-05 20:08     ` Mimi Zohar
2013-02-05 22:03     ` Kasatkin, Dmitry
2013-02-05 18:19   ` Matthew Garrett
2013-02-05 18:30     ` Matthew Garrett
2013-02-05 18:34     ` Vivek Goyal
2013-02-05 21:55       ` Kasatkin, Dmitry
2013-04-05 13:50         ` Vivek Goyal
2013-04-08 19:43           ` Mimi Zohar
2013-04-08 20:09             ` Vivek Goyal
2013-04-08 20:17               ` Josh Boyer
2013-04-09 14:38                 ` Vivek Goyal
2013-04-10  3:07                   ` Mimi Zohar
2013-04-10 19:42                     ` Vivek Goyal
2013-04-10 21:05                       ` Mimi Zohar
2013-04-11  8:08                         ` Dmitry Kasatkin
2013-04-11 14:52                         ` Vivek Goyal
2013-04-12 11:54                           ` Mimi Zohar
     [not found]                         ` <CACE9dm-GZpjco8u6jNxLQpYA8LYSeoVjsyyRXVwxXHzjO-LvGw@mail.gmail.com>
2013-04-11 14:55                           ` Vivek Goyal
2013-04-11 18:42                             ` Dmitry Kasatkin
2013-04-11 21:13                               ` Vivek Goyal
2013-04-12 12:03                                 ` Mimi Zohar
2013-02-05 20:36   ` Peter Jones
2013-02-05 22:09     ` Kasatkin, Dmitry
2013-02-06  5:04       ` H. Peter Anvin
2013-02-06  8:01         ` Kasatkin, Dmitry
2013-02-06 16:41           ` H. Peter Anvin
2013-02-08  9:16             ` Kasatkin, Dmitry
2013-02-08 15:49               ` H. Peter Anvin
2013-02-08 16:24                 ` Kasatkin, Dmitry
2013-02-08 16:50                   ` H. Peter Anvin
2013-02-07 17:05   ` Vivek Goyal
2013-02-08  8:34     ` Kasatkin, Dmitry
2013-02-08 13:27       ` Kasatkin, Dmitry
2013-02-11 21:59         ` Vivek Goyal [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20130211215929.GB24936@redhat.com \
    --to=vgoyal@redhat.com \
    --cc=dmitry.kasatkin@intel.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.