Re: Fw: signed kernel modules?

From: Thomas Weber
Date: Sun Oct 17 2004 - 16:27:03 EST

Next message: Georg Schild: "Weird behaviour of usb printer (drivers/usb/class/usblp.c: usblp0:error -110 reading printer status)"
Previous message: Petr Vandrovec: "[PATCH] Add VIDIOC_S_CTRL_OLD to matroxfb"
In reply to: Geert Uytterhoeven: "Re: Fw: signed kernel modules?"
Next in thread: Jon Masters: "Re: Fw: signed kernel modules?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Oct 17, 2004 at 10:52:38PM +0200, Geert Uytterhoeven wrote:
> On Sun, 17 Oct 2004, Thomas Weber wrote:
> > On Fri, Oct 15, 2004 at 10:11:47PM +0200, Tonnerre wrote:
> > > What trusted computing revealed is that there is at least amongst some
> > > companies a desire to be able to dictate what's going on on your
> > > computer. Think Disney here.
> >
> >
> > > Tonnerre
> > >
> > > PS. I did a module signing patch some years ago. I did a framework. I
> > > did tests. I got scared of its power. All I say is, take care.
> >
> > Think about companies deploing binary only drivers for their hardware.
> > I guess they'd be happy to have a 'feature' like this in the kernel.
> > We might end up with hardware companies deploying binary only signed
> > modules for the major distributions (with which they have deals).
> > We might end up with weird patches from those companies to get their key
> > into the kernel source in order to be able to load their signed module.
> >
> > Once a module itself requires this feature in the kernel you don't have
> > the choice of saying 'No' to this option of compile time and you can't
> > simply revert this patch anymore as others have suggested.
> >
> > This patch would give power to those who make binary distributions and
> > (binary only) modules not to the admin who runs the system.
> > Only allowing modules to be loaded from a secured area (read only
> > device, signed 'container' of modules...) and leaving it to the
> > admin which modules he puts into this area would address all the reasons
> > for this patch without taking power away from the owner of the system.
>
> Solution: the module loader refuses to load signed modules that are not GPLed?
> I.e. a combination of MODULE_LICENSE() and signed modules.
>
> Opens up interesting legal actions if the signature owner signs modules that
> claim to be GPL, but aren't. Digital signatures are starting to become valid
> signatures in many countries...

What if distributions ship with this check removed (maybe distributions that
have deals with such companies)?
What if a binary module comes with a kernel source patch that removes this
check?
Who's gonna pay the lawyers?

Tom
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Georg Schild: "Weird behaviour of usb printer (drivers/usb/class/usblp.c: usblp0:error -110 reading printer status)"
Previous message: Petr Vandrovec: "[PATCH] Add VIDIOC_S_CTRL_OLD to matroxfb"
In reply to: Geert Uytterhoeven: "Re: Fw: signed kernel modules?"
Next in thread: Jon Masters: "Re: Fw: signed kernel modules?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]