[PATCH V37 04/29] Enforce module signatures if the kernel is locked down

Matthew Garrett mjg59 at google.com
Thu Aug 8 18:31:09 UTC 2019


On Thu, Aug 8, 2019 at 3:01 AM Jessica Yu <jeyu at kernel.org> wrote:
> If you're confident that a hard dependency is not the right approach,
> then perhaps we could add a comment in the Kconfig (You could take a
> look at the comment under MODULE_SIG_ALL in init/Kconfig for an
> example)? If someone is configuring the kernel on their own then it'd
> be nice to let them know, otherwise having a lockdown kernel without
> module signatures would defeat the purpose of lockdown no? :-)

James, what would your preference be here? Jessica is right that not
having CONFIG_MODULE_SIG enabled means lockdown probably doesn't work
as expected, but tying it to the lockdown LSM seems inappropriate when
another LSM could be providing lockdown policy and run into the same
issue. Should this just be mentioned in the CONFIG_MODULE_SIG Kconfig
help?
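The two alternatives under discussion, written out as a Kconfig sketch (an added illustration, not part of the thread or of the kernel's actual Kconfig files; the option names SECURITY_LOCKDOWN_LSM and MODULE_SIG exist in mainline, but the prompt and help wording below is assumed for illustration):

```kconfig
# Option A: hard dependency. Enabling the lockdown LSM forces CONFIG_MODULE_SIG on,
# so a lockdown kernel can never be built without module signature checking.
# (Hypothetical fragment; real prompt text may differ.)
config SECURITY_LOCKDOWN_LSM
	bool "Basic module for enforcing kernel lockdown"
	depends on SECURITY
	select MODULE_SIG

# Option B: advisory only. MODULE_SIG stays independent, and its help text warns
# the person configuring the kernel, in the same spirit as the comment under
# MODULE_SIG_ALL mentioned in the thread. This keeps the relationship generic:
# any LSM providing lockdown policy, not only the lockdown LSM, has the same need.
config MODULE_SIG
	bool "Module signature verification"
	depends on MODULES
	help
	  Check modules for valid signatures upon load.

	  Note: a kernel lockdown policy (whichever LSM provides it) relies on
	  this option to refuse unsigned modules. Without MODULE_SIG, lockdown
	  cannot prevent unsigned code from being loaded as a module.
```

Option A gives the strongest guarantee but ties the policy to one specific LSM; option B leaves the decision to whoever builds the kernel, which is why a clear help note matters if that route is chosen.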
