Received: by 10.213.65.68 with SMTP id h4csp133642imn;
        Tue, 3 Apr 2018 17:12:14 -0700 (PDT)
X-Google-Smtp-Source: AIpwx49/eeNOay0mSr1ZQAhFilgzhnvI5z4SNXtAzI9hWfStkOtjBxvqef6bqa+HbjLXeUJc5K4k
X-Received: by 10.101.66.70 with SMTP id d6mr10402130pgq.234.1522800734851;
        Tue, 03 Apr 2018 17:12:14 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1522800734; cv=none;
        d=google.com; s=arc-20160816;
        b=AqtdPqpqpi8/2EWfEQPhU9Pyy7lHchCLEtC++LxfDoJ9WHHPiHix1hBa7lgZy/+x1g
         /pBhMiH9NSyDiN2PEiu4S1/zjVfLTdeb9Y7BTFli6Qvho6chqWpVnBpUwbFkGDo8W7GB
         JjWyn5fK7SO1MNJFh1K/2ASDaNEObaibtd/p4KSjD3NMrvsBnEbcYETx/OQLy/xSCUua
         0Dzuyz2Q1YzsIvMW11Gb+OEp03a9nWw6b+Vj9FHMNqWTO5Yo83dmKQDkiDDIDH97GFQB
         ZD+HPyADgCQPwy2VlaeaDKQfjgk6Z+EzuIT8AMGzQj8vT9Grm8M9gjA2lhcvxgQ91POH
         8dIA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature
         :arc-authentication-results;
        bh=TzBE8Tq7QQAeU+75IiZ9F8kPPgouo+3hm0aGhuA1B7M=;
        b=Aw1YQ71hNvKCQADO9BtwNJv6Rc0uS+JZGOgpBXBcOBYkR2if9XHCpv+xKII6MhCeYK
         HCRTXyXVpdcSnaWeqPg+g/86ndRkEyaI8YPpCa2I8O53s7XQxzzdlSvGSx0DPTUd+ruD
         wCfOZKAn25R1BNPsgdFOBu4Cfub+Kr2WZ0XHK7oB9P+BM5JFuaYdczDjJiLHZQ69kj7Q
         AU++Z0QYeHXyvWWZK8fjqHYiF+FT7BeLeXrp0WLHiNMKVp1cWh5kNji7kleA9+/LvFlp
         VwOk5wkD+RFnfyfZuEoqMZIEc76+uTOhAp48S6UtwYOS98G0vLel/N8sXiIi30BxHNkn
         Z7jg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=sBUsv0D9;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id p24si2983770pfh.328.2018.04.03.17.12.00;
        Tue, 03 Apr 2018 17:12:14 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=sBUsv0D9;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1756198AbeDDALB (ORCPT
        <rfc822;paul.schmitz.hallo.parkuhr@gmail.com> + 99 others);
        Tue, 3 Apr 2018 20:11:01 -0400
Received: from mail-it0-f66.google.com ([209.85.214.66]:38750 "EHLO
        mail-it0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1755942AbeDDAK6 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 3 Apr 2018 20:10:58 -0400
Received: by mail-it0-f66.google.com with SMTP id 19-v6so25132152itw.3
        for <linux-kernel@vger.kernel.org>; Tue, 03 Apr 2018 17:10:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=TzBE8Tq7QQAeU+75IiZ9F8kPPgouo+3hm0aGhuA1B7M=;
        b=sBUsv0D9/5uD5fwGpNqOH8Q2PA1eH/U7Gvbvks2+JVYu6Vd4RET1zdI1/1QyJ4ZDYQ
         YMK5Xy0G8KwDyMkn7QECV0BJb9fQB07hYnDCwF/g9KeS0ujw3ANdvzIGInMkrEYRlYJZ
         d62WDykMOUqhd3F2HJ5Gem7UjJcSjLP0o9nJsMO+KwnOc+7NxKGxD/+XhQPCD++TK5le
         /0r3x1IG57CxEpVgpFqGYET565ffgobP0dnjR8KxyG+tsELtFrHFbXXugos+CmYvqF/e
         1k7+KcDKrchaAtfPd8q60htwZXb3QEBr7VIsOh3Pvld25kQkm5NDzvHKf5d0LAVE7SvL
         1qNg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=TzBE8Tq7QQAeU+75IiZ9F8kPPgouo+3hm0aGhuA1B7M=;
        b=RS+sL+cGU+ZY4dqNXeONZEnRu+AsQ5b2i4k/ub/O/H79WAS48BJfTsnkNSmomgLKH+
         Ti/aOkJrKaitE18vuZMvUhoW9EhO9LtPbD+/DAgC2/cn0+VKSKlaVhKlZnBT0tTKtQ8l
         6n6LCort0TcRDxeE4XvQlv+0LgZoQ817UlIjvae8FCF0Sa1M8HWWGRgb4MLE+RRpLkP4
         ImTL8d+nFDFeot7zDCVUzwVFi9xm+C1C8k7PstqKy20EhQyLl2YesWJOEp6wL+ZljVeS
         Jh7om0ZGDzFfpZjSHMYMFnPiRTwmSEBsccgZe/JMKxT2eV1G1hmtMLmgMcHIwhUcsh1W
         zPDA==
X-Gm-Message-State: ALQs6tBRBckgfva5T8zRbA1hJvJKJcUXm9vmuJ5bOLROEK5fDvd6zrdl
        2fHvOvOQQSCHvcDZ6oeWPbyxpdbyHauOx56XcvtYEQ==
X-Received: by 2002:a24:46cd:: with SMTP id j196-v6mr6931222itb.8.1522800657796;
 Tue, 03 Apr 2018 17:10:57 -0700 (PDT)
MIME-Version: 1.0
References: <4136.1522452584@warthog.procyon.org.uk> <alpine.LRH.2.21.1803311145180.7769@namei.org>
 <186aeb7e-1225-4bb8-3ff5-863a1cde86de@kernel.org> <30459.1522739219@warthog.procyon.org.uk>
 <CALCETrUFOdrH5ShCCd8yguGjC2NtG8fJY7AW26HH467-02UVGA@mail.gmail.com>
 <CACdnJut31+ZtiR40nkOjm89cfUxS0EM=w-oG69PtWHbXYJQxPg@mail.gmail.com>
 <CALCETrXeVod=kNpG-M7yKAMM0-n+PMg_OakN6ecWrTPmKXgMLg@mail.gmail.com>
 <9758.1522775763@warthog.procyon.org.uk> <CALCETrWHS9p1My=j07=V=OP7v4SwQkW-kJ3JOx6EbPU8fb_XEQ@mail.gmail.com>
 <13189.1522784944@warthog.procyon.org.uk> <CALCETrX4CuHVpn38R24TCcJgCBLSbh-sOD-qcD5kYF8Zo53ZJw@mail.gmail.com>
 <9349.1522794769@warthog.procyon.org.uk> <CALCETrV6E+r942K+fu-ALNf-x6qOZ3o1hNKGeu7qEMvr8sMP9A@mail.gmail.com>
 <CA+55aFxKzxdRZthzaokaGPAsWCp3a-p3aVfJSutF+9Fp9sbaVA@mail.gmail.com>
 <CACdnJusSfwULV-ubvgtYd8G_cTF4LnJ4DAeTCux4XRhHKVpBUw@mail.gmail.com>
 <CA+55aFzG==xr2OLK8F03RH0nkUDeP6btWqepFTuHZqkPTAOWjQ@mail.gmail.com>
 <CACdnJuv_=ihPut=5OvCYEphdBOn7+JrKacBbNa0n3wv_JvFMzg@mail.gmail.com>
 <CA+55aFyWNok1K-Jo3TQAXGXHvFOTvuOb-Hw977B9RGjBa7prrg@mail.gmail.com>
 <CACdnJutZFKX+izBxRYbyxefT5KrKhVV0XsymU=vBhywd+TOE3A@mail.gmail.com>
 <CA+55aFwVUmjZ+Swe9xUdDOEE+EOoaU3dh7BcrH74BOLCi8y_Kw@mail.gmail.com>
 <CACdnJuvqQQ+hidokY5GA7g-yrAs5-358it0cs+m_d4RFDMuB_w@mail.gmail.com> <CA+55aFwJBGCr-anrdV9N63fUH4V_QJqgr0_fJyHhH=fuqGAoog@mail.gmail.com>
In-Reply-To: <CA+55aFwJBGCr-anrdV9N63fUH4V_QJqgr0_fJyHhH=fuqGAoog@mail.gmail.com>
From:   Matthew Garrett <mjg59@google.com>
Date:   Wed, 04 Apr 2018 00:10:47 +0000
Message-ID: <CACdnJuvFqXGLsAv1Km3MmdssHBfuH5-C_vG3A4eq4Yuj0HhFBA@mail.gmail.com>
Subject: Re: [GIT PULL] Kernel lockdown for secure boot
To:     Linus Torvalds <torvalds@linux-foundation.org>
Cc:     luto@kernel.org, David Howells <dhowells@redhat.com>,
        Ard Biesheuvel <ard.biesheuvel@linaro.org>, jmorris@namei.org,
        Alan Cox <gnomes@lxorguk.ukuu.org.uk>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        jforbes@redhat.com, linux-man@vger.kernel.org, jlee@suse.com,
        LSM List <linux-security-module@vger.kernel.org>,
        linux-api@vger.kernel.org, Kees Cook <keescook@chromium.org>,
        linux-efi <linux-efi@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Apr 3, 2018 at 5:06 PM Linus Torvalds
<torvalds@linux-foundation.org>
wrote:

> On Tue, Apr 3, 2018 at 4:59 PM, Matthew Garrett <mjg59@google.com> wrote:
> >
> > Ok. So we can build distribution kernels that *always* have this on,
and to
> > turn it off you have to disable Secure Boot and install a different
kernel.

> Bingo.

> Exactly like EVERY OTHER KERNEL CONFIG OPTION.

So your argument is that we should make the user experience worse? Without
some sort of verified boot mechanism, lockdown is just security theater.
There's no good reason to enable it unless you have some mechanism for
verifying that you booted something you trust.