Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756763AbbEUWcJ (ORCPT ); Thu, 21 May 2015 18:32:09 -0400 Received: from mail-ig0-f173.google.com ([209.85.213.173]:37538 "EHLO mail-ig0-f173.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756519AbbEUWcG (ORCPT ); Thu, 21 May 2015 18:32:06 -0400 MIME-Version: 1.0 In-Reply-To: References: <20150515123513.16723.96340.stgit@warthog.procyon.org.uk> <555BD715.40202@kernel.org> <31772.1432128969@warthog.procyon.org.uk> <20150520162059.GC10473@localhost> <20150521213829.GH23057@wotan.suse.de> From: "Luis R. Rodriguez" Date: Thu, 21 May 2015 15:31:44 -0700 X-Google-Sender-Auth: hjzwFqY9n_gT1oOK2dX33rfKvCk Message-ID: Subject: Re: [PATCH 0/8] MODSIGN: Use PKCS#7 for module signatures [ver #4] To: Andy Lutomirski Cc: David Howells , Andy Lutomirski , Rusty Russell , Michal Marek , Matthew Garrett , keyrings@linux-nfs.org, Dmitry Kasatkin , "linux-kernel@vger.kernel.org" , Seth Forshee , LSM List , David Woodhouse Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1678 Lines: 38 On Thu, May 21, 2015 at 3:24 PM, Andy Lutomirski wrote: > On Thu, May 21, 2015 at 3:16 PM, Luis R. Rodriguez wrote: >> On Thu, May 21, 2015 at 3:06 PM, Andy Lutomirski wrote: >>> Given that, I would say that merely shoving firmware files through the >>> module verifier as-is would not be okay. >> >> Replacing one dog and pony show for another is what is going on, what >> you describe and suggest seems best, and I welcome patches, it seems >> you know what you are talking about :) >> > > Don't hold your breath. My plate is over-full. I'm probably a decent > reviewer of crypto, though. Well as good as you are in 10 years we'll have better ones. So when module signature went into the kernel the real expectation should have been: This code looks good now but is going to be complete shit and breakable a few years from now. Hence my first implicit and now explicit claims on dog and pony shows. Best thing we can do IMHO is to just allow us to replace stupid human code with better human code later, and eventually hopefully better AI code, and so on. Since you don't have time for a real replacement maybe what we can do is at least document / target / agree for what pipe dream we want and shoot for it with time. Hopefully folks will find time to implement it. In the meantime should that block current dog and pony show trading? I don't think so. Luis -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/