[PATCH V37 04/29] Enforce module signatures if the kernel is locked down
James Morris
jmorris at namei.org
Thu Aug 8 22:43:05 UTC 2019
On Thu, 8 Aug 2019, Matthew Garrett wrote:
> On Thu, Aug 8, 2019 at 3:01 AM Jessica Yu <jeyu at kernel.org> wrote:
> > If you're confident that a hard dependency is not the right approach,
> > then perhaps we could add a comment in the Kconfig (You could take a
> > look at the comment under MODULE_SIG_ALL in init/Kconfig for an
> > example)? If someone is configuring the kernel on their own then it'd
> > be nice to let them know, otherwise having a lockdown kernel without
> > module signatures would defeat the purpose of lockdown no? :-)
>
> James, what would your preference be here? Jessica is right that not
> having CONFIG_MODULE_SIG enabled means lockdown probably doesn't work
> as expected, but tying it to the lockdown LSM seems inappropriate when
> another LSM could be providing lockdown policy and run into the same
> issue. Should this just be mentioned in the CONFIG_MODULE_SIG Kconfig
> help?
I agree and yes mention it in the help. A respin of just this patch is
fine.
--
James Morris
<jmorris at namei.org>