From: Rusty Russell <rusty@rustcorp.com.au>
To: Greg KH <gregkh@linuxfoundation.org>
Cc: David Howells <dhowells@redhat.com>,
kyle@mcmartin.ca, linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org, keyrings@linux-nfs.org
Subject: Re: [PATCH 00/23] Crypto keys and module signing
Date: Fri, 22 Jun 2012 13:35:03 +0930
Message-ID: <8762akt2j4.fsf@rustcorp.com.au>
In-Reply-To: <20120622015341.GA3414@kroah.com>
On Thu, 21 Jun 2012 18:53:41 -0700, Greg KH <gregkh@linuxfoundation.org> wrote:
> On Sun, May 27, 2012 at 03:11:23PM +0930, Rusty Russell wrote:
> > > > > Why would you want multiple signatures? That just complicates things.
> > > >
> > > > The code above stays pretty simple; if the signature fails, you set size
> > > > to i, and loop again. As I said, if you know exactly how you're going
> > > > to strip the modules, you can avoid storing the stripped module and
> > > > simply append both signatures.
> > >
> > > You still haven't justified it. One of your arguments about rejecting the ELF
> > > parsing version was that it was too big for no useful extra value that I could
> > > justify. Supporting multiple signatures adds extra size and complexity for no
> > > obvious value.
> >
> > One loop is a lot easier to justify than the ELF-parsing mess. And it
> > can be done in a backwards compatible way tomorrow: old kernels will
> > only check the last signature.
> >
> > I had assumed you'd rather maintain a stable strip util which you can
> > use on kernel modules than rework your module builds. I guess not.
>
> To dig an old thread up, but what really is wrong with the original ELF
> section stuff? Why encode "magic" values on the end of the kernel
> module that then require all userspace tools to be modified in order to
> properly handle this?
1) No userspace needs to be modified to use the appended signature.
modprobe doesn't. depmod doesn't. Even strip doesn't (not that
that's much use).
2) It's far easier to add an appended signature than to add an elf
section.
3) It's far easier to generate an appended signature than to generate
a signature for the module which will change when you add the
signature section (roughly: gpg --sign module.ko > sig && echo
'@@sig@@' >> module.ko && cat sig >> module.ko).
4) It's trivial to verify a module with an appended signature before you
touch it. With a section you need to carefully parse the module,
make sure you don't include the could-be-modified stuff in the
signature, and avoid any possible overflows or exploits.
5) It wasn't just that they wanted an elf section. They wanted the
signature to work against both a stripped and unstripped module, so
only the unstrippable parts of the module were signed.
> When I first did this so many many years ago an elf section made it so
> easy to handle. Userspace didn't need to be modified, and everyone
> knows how to handle elf sections, even the kernel does :)
And there have been bugs in the kernel elf handling code. There will
undoubtedly be bugs in this, and for what? A more complex kernel to
match our more complex userspace?
> And I think we really want the ability to have multiple signatures, the
> whole "chain of trust" thing that is needed will work out much better if
> multiple signatures are allowed. Putting it in an elf section allows
> this to work out easier, right?
Not at all. Multiple appended signatures is trivial. Figuring out the
semantics (do they chain, or is any one sufficient?), well that's the
same whether you're talking about an ELF section or not.
Hope that clarifies,
Rusty.
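The trailing-signature layout and the "if the signature fails, set size to i and loop again" check that Rusty describes, as an added example that is not part of this thread or of the kernel's own module loader. The marker string, the 4-byte FNV-1a "signature", and the append_sig/verify_appended helpers are constructed stand-ins (no real public-key verification) so the framing and retry logic can run offline; a real loader would call its signature verifier where fake_verify is used.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed layout (constructed for this example): body || sig || MARKER.
 * Each extra signature is appended the same way over everything before it. */
#define SIG_MARKER "@@sig@@"
#define MARKER_LEN (sizeof(SIG_MARKER) - 1)
#define SIG_LEN 4

typedef int (*verify_fn)(const uint8_t *data, size_t len, const uint8_t *sig);

/* Stand-in for a real signature: 32-bit FNV-1a over the data. It only exercises
 * the framing logic and has no security value whatsoever. */
static uint32_t fake_digest(const uint8_t *data, size_t len)
{
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < len; i++) { h ^= data[i]; h *= 16777619u; }
    return h;
}

int fake_verify(const uint8_t *data, size_t len, const uint8_t *sig)
{
    uint32_t h = fake_digest(data, len);
    uint8_t want[SIG_LEN] = { (uint8_t)(h >> 24), (uint8_t)(h >> 16),
                              (uint8_t)(h >> 8), (uint8_t)h };
    return memcmp(sig, want, SIG_LEN) == 0;
}

/* Appends sig || MARKER to buf (capacity cap); bad != 0 appends a wrong sig.
 * Returns the new total size, or 0 if it does not fit. */
size_t append_sig(uint8_t *buf, size_t size, size_t cap, int bad)
{
    if (size + SIG_LEN + MARKER_LEN > cap) return 0;
    uint32_t h = fake_digest(buf, size) ^ (bad ? 0xffffffffu : 0u);
    uint8_t sig[SIG_LEN] = { (uint8_t)(h >> 24), (uint8_t)(h >> 16),
                             (uint8_t)(h >> 8), (uint8_t)h };
    memcpy(buf + size, sig, SIG_LEN);
    memcpy(buf + size + SIG_LEN, SIG_MARKER, MARKER_LEN);
    return size + SIG_LEN + MARKER_LEN;
}

/* Returns the length of the verified module body, or 0 if nothing verifies.
 * max_sigs == 1 checks only the trailing signature (the "old kernel" case);
 * otherwise a rejected signature block is dropped and the loop retries on
 * what is left, without ever parsing the module contents. */
size_t verify_appended(const uint8_t *buf, size_t size, verify_fn verify, int max_sigs)
{
    for (int n = 0; n < max_sigs; n++) {
        if (size < SIG_LEN + MARKER_LEN) return 0;
        if (memcmp(buf + size - MARKER_LEN, SIG_MARKER, MARKER_LEN) != 0) return 0;
        size_t body = size - MARKER_LEN - SIG_LEN;
        if (verify(buf, body, buf + body)) return body;
        size = body; /* signature rejected: set size to its start and loop */
    }
    return 0;
}
```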