From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Theodore Y. Ts'o" Subject: Re: [GIT PULL] Kernel lockdown for secure boot Date: Wed, 4 Apr 2018 09:52:51 -0400 Message-ID: <20180404135251.GD16242@thunk.org> References: <24353.1522848817@warthog.procyon.org.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Content-Disposition: inline In-Reply-To: <24353.1522848817@warthog.procyon.org.uk> Sender: linux-kernel-owner@vger.kernel.org To: David Howells Cc: Matthew Garrett , Linus Torvalds , luto@kernel.org, Ard Biesheuvel , jmorris@namei.org, Alan Cox , Greg Kroah-Hartman , Linux Kernel Mailing List , jforbes@redhat.com, linux-man@vger.kernel.org, jlee@suse.com, LSM List , linux-api@vger.kernel.org, Kees Cook , linux-efi List-Id: linux-man@vger.kernel.org On Wed, Apr 04, 2018 at 02:33:37PM +0100, David Howells wrote: > Theodore Y. Ts'o wrote: > > > Whoa. Why doesn't lockdown prevent kexec? Put another away, why > > isn't this a problem for people who are fearful that Linux could be > > used as part of a Windows boot virus in a Secure UEFI context? > > Lockdown mode restricts kexec to booting an authorised image (where the > authorisation may be by signature or by IMA). If that's true, then Matthew's assertion that lockdown w/o secure boot is insecure goes away, no? - Ted