From: Luis Chamberlain <mcgrof@kernel.org>
To: "Alessandro Carminati (Red Hat)" <alessandro.carminati@gmail.com>
Cc: linux-modules@vger.kernel.org, linux-kernel@vger.kernel.org,
Jonathan Corbet <corbet@lwn.net>,
linux-doc@vger.kernel.org
Subject: Re: [RFC PATCH 1/2] Modules: Introduce boot-time module signature flexibility
Date: Thu, 16 Nov 2023 09:35:30 -0800 [thread overview]
Message-ID: <ZVZS4hw5dGB4aPz3@bombadil.infradead.org> (raw)
In-Reply-To: <20230914112739.112729-2-alessandro.carminati@gmail.com>
On Thu, Sep 14, 2023 at 11:27:38AM +0000, Alessandro Carminati (Red Hat) wrote:
> This commit introduces a novel boot argument parameter that provides an
> advanced level of control over the verification of module signatures
> during the initial stages of booting. With this enhancement, we gain the
> capability to postpone the verification of module signatures to after
> intrd stage is finished.
>
> Given that bootloader-provided artifacts are commonly employed
> post-verification,
Is such a thing expressed with a kernel config? If so then shouldn't
this be default for those uses cases?
> Signed-off-by: Alessandro Carminati (Red Hat) <alessandro.carminati@gmail.com>
> ---
> include/linux/module.h | 4 +++
> kernel/module/main.c | 14 ++++++-----
> kernel/module/signing.c | 56 +++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 68 insertions(+), 6 deletions(-)
>
> diff --git a/include/linux/module.h b/include/linux/module.h
> index a98e188cf37b..9899aeac43b0 100644
> --- a/include/linux/module.h
> +++ b/include/linux/module.h
> @@ -34,6 +34,10 @@
>
> #define MODULE_NAME_LEN MAX_PARAM_PREFIX_LEN
>
> +#ifdef CONFIG_MODULE_SIG
> +extern int module_sig_check_wait;
> +#endif
Please add under is_module_sig_enforced. That's one new line Vs 3 new ones.
I see the code which skips module signature verification and the knobs
but I don't see the code which complete the promise to do the actual
signature verification post initrd / initramfs state. What gives?
Luis
next prev parent reply other threads:[~2023-11-16 17:35 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-14 11:27 [RFC PATCH 0/2] Enhancing Boot Speed and Security with Delayed Module Signature Verification Alessandro Carminati (Red Hat)
2023-09-14 11:27 ` [RFC PATCH 1/2] Modules: Introduce boot-time module signature flexibility Alessandro Carminati (Red Hat)
2023-11-16 17:35 ` Luis Chamberlain [this message]
2023-11-17 13:56 ` Alessandro Carminati
2023-11-17 18:33 ` Luis Chamberlain
2023-11-20 19:43 ` Luca Boccassi
2023-09-14 11:27 ` [RFC PATCH 2/2] docs: Update kernel-parameters.txt for signature verification enhancement Alessandro Carminati (Red Hat)
2023-09-15 15:59 ` Randy Dunlap
2023-11-08 15:33 ` Prarit Bhargava
2023-11-09 10:40 ` Alessandro Carminati
2023-11-08 15:32 ` [RFC PATCH 0/2] Enhancing Boot Speed and Security with Delayed Module Signature Verification Prarit Bhargava
2023-11-09 10:51 ` Alessandro Carminati
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZVZS4hw5dGB4aPz3@bombadil.infradead.org \
--to=mcgrof@kernel.org \
--cc=alessandro.carminati@gmail.com \
--cc=corbet@lwn.net \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-modules@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox