From mboxrd@z Thu Jan 1 00:00:00 1970 From: gregkh@linuxfoundation.org (Greg Kroah-Hartman) Date: Wed, 4 Apr 2018 11:04:40 +0200 Subject: [GIT PULL] Kernel lockdown for secure boot In-Reply-To: References: Message-ID: <20180404090440.GA24169@kroah.com> To: linux-security-module@vger.kernel.org List-Id: linux-security-module.vger.kernel.org On Wed, Apr 04, 2018 at 12:19:35AM +0000, Matthew Garrett wrote: > On Tue, Apr 3, 2018 at 5:18 PM Andy Lutomirski wrote: > > > if your secure boot-enabled bootloader can't prevent a bad guy from > > using malicious kernel command line parameters, then fix it. > > How is a bootloader supposed to know what the set of malicious kernel > command line parameters is? It wouldn't, it, if it really were "secure", would not allow any command line parameters to be changed. Which is exactly what those bootloaders who "claim" to be secure do. And, just to butt in here, there is no requirement that I have ever heard of from anyone at UEFI or Microsoft that this type of "kernel feature" is a requirement to allow for a bootloader/kernel to be signed with their key. So that should take the "politics" reason off the table here, if people thought that somehow it was even a viable reason... thanks, greg k-h -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo at vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html