Received: by 10.223.176.46 with SMTP id f43csp59675wra; Thu, 18 Jan 2018 13:59:34 -0800 (PST) X-Google-Smtp-Source: ACJfBosKBNZAuadxHgWFaONfuk2uuR9Z9RquzkyJ3MFiDCOFJK9LxKOhzFO4ZWv0UI6XbVfh19N7 X-Received: by 2002:a17:902:d205:: with SMTP id t5-v6mr461042ply.190.1516312774476; Thu, 18 Jan 2018 13:59:34 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516312774; cv=none; d=google.com; s=arc-20160816; b=XyD/bIcREEyO3sRGG6vw5Acu+z/NuXdUwkdBivuTqFqbn9KJKqwc04A6BMouNQskSe TQ9yYq9ZucL5r9keQy6szu11gmQgOF1Vm/CasVuxFsHboC7B5YFV2prQC+xREdcEX5vH tW47fcnYekJWBnPpIy/KVnhI4SRD+yeh6RzCGJcscC7jv2pfozQe1ji7B3IlXGhjJTBq hE9AbHJ1J1VDr/C3XmitcghCA0zs6XCM5SqoNlUr1dJhBFUtIuFIb1faZEbl5TSsZsEi VNcjSk0WYIzVXykCc1jNgKwtTjLzjnQdHPBqjiH7jl9o/WW4O4oS6e8fxvChoN3uBaVT FAlg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=Dx5u5zXh3q8uGjEn/pC/cPDv9iWMQ1h/rUVbEcL5Lwk=; b=Iqk9oWcH1ZmUvrHwQ55Xe/x2RNVk73uJ/l2oHE2HRJJ9wS35HvHqrEj5KGzXUduqVx VHC2NzzGK9fQziSHm415AsR7cTSpP1HJYMmKe8dK8cXNQwfXz0qWf7wmx3ACvDJgKs1C /ez2//jxaFcHM+50lW8rv+6r41esQjHrQ23bktNy+817qeDZevcvaXxGGDEGGyW2ZPTJ OoJGkjBhkJOQUquL8uX0/CnKkfsbTqAIydLwjFswRxMyUj3Dn/iXOwt4XM5DQyfCi0dU pdbzZ8ag9Lm69/zS0Y5ArR3uwwUGc9u52V1X4+YSe1y9tChRTkIk3zfJwpm+DItDWm90 zSfQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h10si6688310pgp.715.2018.01.18.13.59.11; Thu, 18 Jan 2018 13:59:34 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932234AbeARV6E (ORCPT + 99 others); Thu, 18 Jan 2018 16:58:04 -0500 Received: from atrey.karlin.mff.cuni.cz ([195.113.26.193]:37111 "EHLO atrey.karlin.mff.cuni.cz" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750718AbeARV55 (ORCPT ); Thu, 18 Jan 2018 16:57:57 -0500 Received: by atrey.karlin.mff.cuni.cz (Postfix, from userid 512) id 0D06080181; Thu, 18 Jan 2018 22:57:55 +0100 (CET) Date: Thu, 18 Jan 2018 22:57:55 +0100 From: Pavel Machek To: Dan Aloni Cc: linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com Subject: Re: [PATCH 0/5] RFC: Public key encryption of dmesg by the kernel Message-ID: <20180118215755.GB17196@amd> References: <20171230175804.7354-1-alonid@gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="cvVnyQ+4j833TQvp" Content-Disposition: inline In-Reply-To: <20171230175804.7354-1-alonid@gmail.com> User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --cvVnyQ+4j833TQvp Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat 2017-12-30 19:57:59, Dan Aloni wrote: > From: Dan Aloni >=20 > Hi All, >=20 > There has been a lot of progress in recent times regarding the removal > of sensitive information from dmesg (pointers, etc.), so I figured - why > not encrypt it all? However, I have not found any existing discussions > or references regarding this technical direction. >=20 > I am not sure that desktop and power users would like to have their > kernel message encrypted, but there are scenarios such as in mobile > devices, where only the developers, makers of devices, may actually > benefit from access to kernel prints messages, and the users may be > more protected from exploits. Yes, we have "TiVo" problem in mobile space, but please no, don't make it worse. We should not make it easy for device makers to lock devices down from their owners. Pavel --=20 (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blo= g.html --cvVnyQ+4j833TQvp Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlphGGMACgkQMOfwapXb+vKYzgCgsXhCQ5k4FTFeHZGSErOtmUzB r48Ani2BjUlFeMGZgeZfQJcXYIoFXO0h =NApR -----END PGP SIGNATURE----- --cvVnyQ+4j833TQvp--