Message-ID: <550962C5.5050400@collabora.co.uk>
Date: Wed, 18 Mar 2015 11:34:29 +0000
From: Simon McVittie
Organization: Collabora Ltd.
To: Matthew Garrett
CC: "keescook@chromium.org", "linux-kernel@vger.kernel.org", "james.l.morris@oracle.com", "gnomes@lxorguk.ukuu.org.uk", "serge@hallyn.com", "linux-security-module@vger.kernel.org", "hpa@zytor.com"
Subject: Re: Trusted kernel patchset

On 17/03/15 20:42, Matthew Garrett wrote:
> On Tue, 2015-03-17 at 20:22 +0000, Simon McVittie wrote:
>> Is the intention instead that it will make privileged bits of userland
>> more careful to avoid breaking the trust chain in ways that would "fail
>> safe" by refusing to boot?
>
> Not really. It's intended to avoid the situation where privileged
> userspace is able to modify the running kernel to an extent that's
> broadly equivalent to booting an arbitrary kernel.

Sorry, I was imprecise about what I meant by "it".
I understand that the intention of the patchset as a whole is to prevent
privileged userspace from subverting the kernel; I was asking about the
intention of the ability to read from /sys/kernel/security/trusted_kernel.

-- 
Simon McVittie
Collabora Ltd.