Return-Path: <linux-kernel-owner+willy=40w.ods.org-S270021AbUJNKSM@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S270021AbUJNKSM (ORCPT <rfc822;willy@w.ods.org>);
	Thu, 14 Oct 2004 06:18:12 -0400
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S270023AbUJNKSM
	(ORCPT <rfc822;linux-kernel-outgoing>);
	Thu, 14 Oct 2004 06:18:12 -0400
Received: from mx1.redhat.com ([66.187.233.31]:36005 "EHLO mx1.redhat.com")
	by vger.kernel.org with ESMTP id S270021AbUJNKSJ (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Thu, 14 Oct 2004 06:18:09 -0400
From: David Howells <dhowells@redhat.com>
In-Reply-To: <1097707239.14303.22.camel@localhost.localdomain> 
References: <1097707239.14303.22.camel@localhost.localdomain>  <1096544201.8043.816.camel@localhost.localdomain> <1096411448.3230.22.camel@localhost.localdomain> <1092403984.29463.11.camel@bach> <1092369784.25194.225.camel@bach> <20040812092029.GA30255@devserv.devel.redhat.com> <20040811211719.GD21894@kroah.com> <OF4B7132F5.8BE9D947-ON87256EEB.007192D0-86256EEB.00740B23@us.ibm.com> <1092097278.20335.51.camel@bach> <20040810002741.GA7764@kroah.com> <1092189167.22236.67.camel@bach> <19388.1092301990@redhat.com> <30797.1092308768@redhat.com> <20040812111853.GB25950@devserv.devel.redhat.com> <20040812200917.GD2952@kroah.com> <26280.1092388799@redhat.com> <27175.1095936746@redhat.com> <30591.1096451074@redhat.com> <10345.1097507482@redhat.com> <1097507755.318.332.camel@hades.cambridge.redhat.com> <1097534090.16153.7.camel@localhost.localdomain> <1097570159.5788.1089.camel@baythorne.infradead.org> <1097626296.4013.34.camel@localhost.localdomain> <1097664137.4440.5.camel@localhost.!
 localdomain> 
To: "Rusty Russell (IBM)" <rusty@au1.ibm.com>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>, David Woodhouse <dwmw2@infradead.org>,
       rusty@ozlabs.au.ibm.com, Greg KH <greg@kroah.com>,
       Arjan van de Ven <arjanv@redhat.com>, Joy Latten <latten@us.ibm.com>,
       lkml - Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: Fw: signed kernel modules? 
User-Agent: EMH/1.14.1 SEMI/1.14.5 (Awara-Onsen) FLIM/1.14.5 (Demachiyanagi) APEL/10.6 Emacs/21.3 (i386-redhat-linux-gnu) MULE/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.5 - "Awara-Onsen")
Content-Type: text/plain; charset=US-ASCII
Date: Thu, 14 Oct 2004 11:17:46 +0100
Message-ID: <14000.1097749066@redhat.com>
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 897
Lines: 20


> I'd appreciate your opinion on the issue at hand.  Is it worth 600 lines
> of ELF verification and canonicalization code so we can strip modules
> without altering the signature?

You have to some of the ELF verification anyway, otherwise your suggested way
is just as pointless. You had included somde code in your example, but what
that did wasn't sufficient either - it can trivially be broken.

I think we should verify the ELF anyway upon module load; it doesn't take very
long, and the data cache works in our favour. This then means we can drop some
checks later on in the module loading because we can trust the ELF to a known
extent.

David
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/