From: Matthew Garrett
Date: Tue, 03 Apr 2018 23:47:53 +0000
Subject: Re: [GIT PULL] Kernel lockdown for secure boot
To: Linus Torvalds
Cc: luto@kernel.org, David Howells, Ard Biesheuvel, jmorris@namei.org, Alan Cox, Greg Kroah-Hartman, Linux Kernel Mailing List, jforbes@redhat.com, linux-man@vger.kernel.org, jlee@suse.com, LSM List, linux-api@vger.kernel.org, Kees Cook, linux-efi
X-Mailing-List: linux-kernel@vger.kernel.org
References: <4136.1522452584@warthog.procyon.org.uk> <186aeb7e-1225-4bb8-3ff5-863a1cde86de@kernel.org> <30459.1522739219@warthog.procyon.org.uk> <9758.1522775763@warthog.procyon.org.uk> <13189.1522784944@warthog.procyon.org.uk> <9349.1522794769@warthog.procyon.org.uk>

On Tue, Apr 3, 2018 at 4:39 PM Linus Torvalds wrote:
> On Tue, Apr 3, 2018 at 4:26 PM, Linus Torvalds wrote:
> >
> > Magically changing kernel behavior depending on some subtle and often
> > unintentional bootup behavior detail is completely idiotic.
>
> Another way of looking at this: if lockdown is a good idea to enable
> when you booted using secure boot, then why isn't it a good idea when
> you *didn't* boot using secure boot?

Because it's then trivial to circumvent and the restrictions aren't worth the benefit.