linux-modules.vger.kernel.org archive mirror
From: Petr Pavlu <petr.pavlu@suse.com>
To: Luis Chamberlain <mcgrof@kernel.org>, linux@weissschuh.net
Cc: Arnout Engelen <arnout@bzzt.net>,
	arnd@arndb.de, da.gomez@samsung.com, linux-arch@vger.kernel.org,
	linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-modules@vger.kernel.org, masahiroy@kernel.org,
	nathan@kernel.org, nicolas@fjasle.eu, samitolvanen@google.com
Subject: Re: [PATCH RFC 2/2] module: Introduce hash-based integrity checking
Date: Mon, 13 Jan 2025 16:09:13 +0100
Message-ID: <ebbd79c2-50fb-4d9e-aabf-a55ea463c494@suse.com>
In-Reply-To: <Z4FyGEXBK4EUi_Oq@bombadil.infradead.org>

On 1/10/25 20:16, Luis Chamberlain wrote:
> On Thu, Jan 09, 2025 at 11:52:27AM +0100, Arnout Engelen wrote:
>> On Fri, 3 Jan 2025 17:37:52 -0800, Luis Chamberlain wrote:
>>> What distro which is using module signatures would switch
>>> to this as an alternative instead?
>>
>> In NixOS, we disable MODULE_SIG by default (because we value
>> reproducibility over having module signatures). Enabling
>> MODULE_HASHES on systems that do not need to load out-of-tree
>> modules would be a good step forward.
>>
> 
> Mentioning this in the cover letter will also be good. So two
> distros seem to want this.

I'm aware that folks from the reproducible build community have been
interested in this functionality [1, 2].

Some people at SUSE have been eyeing this as well. I've let them know
about this series. It would help with the mentioned build
reproducibility and, from what I understood, it should also avoid in SUSE's
case some bottlenecks with HSM needing to sign all modules.

I agree that we should make sure that whatever ends up added is
something that some distributions actually check it works for them and
they intend to use it.

From the SUSE side, I can also support that the feature should work
seamlessly with the current MODULE_SIG.

[1] https://lists.reproducible-builds.org/pipermail/rb-general/2024-September/003530.html
[2] https://gitlab.archlinux.org/archlinux/packaging/packages/linux/-/merge_requests/1

-- 
Thanks,
Petr
