Received: by 10.213.65.68 with SMTP id h4csp3960123imn; Tue, 3 Apr 2018 13:56:30 -0700 (PDT) X-Google-Smtp-Source: AIpwx4+edVye7Upa2UTLcCvJxWsA+QR4D4ssQOAewRLtDRqbqfBh7dwPelOlly+56jccKr7jI+AH X-Received: by 10.98.58.75 with SMTP id h72mr11665477pfa.209.1522788990666; Tue, 03 Apr 2018 13:56:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522788990; cv=none; d=google.com; s=arc-20160816; b=pqb6EAfVbtSFTUvI3Jx7nEU68ghyKGQl4zEu2fg8Evc/qn5F8LRN2yNehJPqA7PQ5v ibh4lrhbMDns3GuOtYREcZ5+YrADz3T0O5aDdH9vDCfNnFZcWA8xnr5zn18mAz9Jw9NO LRuvAWzLNIcrkhTaqRGWauHzw3YoxBezTZIlm/yQ/gMRUTOriQnDsg7umK8OysEMhC+w 2xnRTOccC7p8BtRR7r6R/6LlM1jn5blkyi83EcOGeUm5DXN7WocoEGUGbtD5m/49E7Sh iYdgUyxH9opQJSXY4veE+cAsT7CMxT8IryeGoRvo8UPHW0joMRhiUvrDmzO909yJ+RBy mvZw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature :arc-authentication-results; bh=RAylV5wvGTpASLq3aXWwdLKypQwDfJayYgDKv2MSScY=; b=M6ArQkdycgWvWzFQsVcFd4EJhElI1mm1Bc1jGlTQLA4hDEUk1lbtAlHnZf6t1teEhg Qg8mkcAaiQJf8UQUHRjhVc0NC1lnfT0714kPxvzIEGJnOYW2X5G7V7gxjHM4Ccpg4shj sQdx7rvolb4Mh2Ns2jLM1XjXFBO6gg4wfhMR6/h/pCg3WDE1azoYTfbatrXlLxiOZB0h uiu2UK6Oj7bQKhciMJOu/ZDySQN6fFbHlowosCheZVqcecRO/82p2f1su4pmB8OZRbLH Oiq9qF22hFHM1eg/6UX/2GPFsIqUycCFpIh0MTqCbCuHPTgN85pN8dy1ST8D6INy2uJG R7cQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=nuTxS9vp; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g24-v6si3808820plj.40.2018.04.03.13.56.15; Tue, 03 Apr 2018 13:56:30 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=nuTxS9vp; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753267AbeDCUzJ (ORCPT + 99 others); Tue, 3 Apr 2018 16:55:09 -0400 Received: from mail-io0-f195.google.com ([209.85.223.195]:38986 "EHLO mail-io0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752943AbeDCUzH (ORCPT ); Tue, 3 Apr 2018 16:55:07 -0400 Received: by mail-io0-f195.google.com with SMTP id v13so23663669iob.6 for ; Tue, 03 Apr 2018 13:55:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=RAylV5wvGTpASLq3aXWwdLKypQwDfJayYgDKv2MSScY=; b=nuTxS9vpDS0JpziXt8LWQuDb0F6wrdt37gO8tG//omry0Rr2Zzsk99v6PfUjpYzI/N iiTHeS66ZA8RPuQDrKFBd5YRrNjThlOlFHrTmhFM6nX/wEN0asuACo7PxiHOfbLjJY/m RWRm16t+oxnYkfSctLJesxo+7uGJF1fZEXAsBO+KRCUN48pNqkoc+32nCdKcorJoOLZ6 y+wYhKW0xE738mTwVRfjcVsRMLVjBwReJOeJCvFlxfp4JIl0UiOz5zjrvDDX6YTz6eGI 4kmooOfCaEgulignX+tPbsI+fqPUADddeLNQP1rcOQ8DuFosgvLSLfRHdgMHhTNisyhG ZR5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=RAylV5wvGTpASLq3aXWwdLKypQwDfJayYgDKv2MSScY=; b=W6U76gN06zTRFXV2NxyelH8GHiQ2TiMVWDirc28bFByeKKhH06sZHAz4Damoqd2dF1 hkwvJqZ2Bm+cu7fWIi/GcAUUja3JPTdHt74ZAUlHchW2cK91A3z7pX7QH+C7ZR7DjZkt 5MYvUnzy//0Z9ofyJTRuJelijvCI+KI4h1YwlCrEzO/yqfo8YmPBcWUzbH4XQrM3NAGN 90dSS1Q9uGjF+9eyprWjqwbOS0OdUPbW9wWMS/Nd7PbGcvVUUIDHgS6d7H/5BowC4WTz lAbHQtmhkfSJKeT4AJGE2G3FBb9K14HPtbAdIM0H7u3KJY4esU+2gXxtI7cDX3WKjaZp 7oKA== X-Gm-Message-State: AElRT7FBJ4PvjMlPXP+6YHMMemKfoFmPv+8NLc3BNu5ZXLs2UEWr9sn8 gTRN4ENCiG1YjLwvFWAuzKda4fJ6PS4X8rssYcwJwg== X-Received: by 10.107.180.68 with SMTP id d65mr13814849iof.244.1522788905988; Tue, 03 Apr 2018 13:55:05 -0700 (PDT) MIME-Version: 1.0 References: <4136.1522452584@warthog.procyon.org.uk> <186aeb7e-1225-4bb8-3ff5-863a1cde86de@kernel.org> <30459.1522739219@warthog.procyon.org.uk> In-Reply-To: From: Matthew Garrett Date: Tue, 03 Apr 2018 20:54:55 +0000 Message-ID: Subject: Re: [GIT PULL] Kernel lockdown for secure boot To: Linus Torvalds Cc: luto@kernel.org, David Howells , Ard Biesheuvel , jmorris@namei.org, Alan Cox , Greg Kroah-Hartman , Linux Kernel Mailing List , jforbes@redhat.com, linux-man@vger.kernel.org, jlee@suse.com, LSM List , linux-api@vger.kernel.org, Kees Cook , linux-efi Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Apr 3, 2018 at 1:53 PM Linus Torvalds wrote: > On Tue, Apr 3, 2018 at 9:29 AM, Matthew Garrett wrote: > > On Tue, Apr 3, 2018 at 8:11 AM Andy Lutomirski wrote: > >> Can you explain that much more clearly? I'm asking why booting via > >> UEFI Secure Boot should enable lockdown, and I don't see what this has > >> to do with kexec. And "someone blacklist[ing] your key in the > >> bootloader" sounds like a political issue, not a technical issue. > > > > A kernel that allows users arbitrary access to ring 0 is just an > > overfeatured bootloader. Why would you want secure boot in that case? > .. maybe you don't *want* secure boot, but it's been pushed in your > face by people with an agenda? Then turn it off, or build a self-signed kernel that doesn't do this?