Re: [RFC] Second attempt at kernel secure boot support

From: Matthew Garrett
Date: Wed Oct 31 2012 - 11:09:08 EST

Next message: Dan Magenheimer: "[PATCH 2/5] mm: frontswap: lazy initialization to allow tmem backends to build/run as modules"
Previous message: Dan Magenheimer: "[PATCH 0/5] enable all tmem backends to be built and loaded as modules"
In reply to: Shea Levy: "Re: [RFC] Second attempt at kernel secure boot support"
Next in thread: Takashi Iwai: "Re: [RFC] Second attempt at kernel secure boot support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Oct 31, 2012 at 11:05:08AM -0400, Shea Levy wrote:
> Or the boot variable where you stored the key, but in that case I'd
> say the attacker has won too.

Right, in that case they can compromise MOK.

--
Matthew Garrett | mjg59@xxxxxxxxxxxxx
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dan Magenheimer: "[PATCH 2/5] mm: frontswap: lazy initialization to allow tmem backends to build/run as modules"
Previous message: Dan Magenheimer: "[PATCH 0/5] enable all tmem backends to be built and loaded as modules"
In reply to: Shea Levy: "Re: [RFC] Second attempt at kernel secure boot support"
Next in thread: Takashi Iwai: "Re: [RFC] Second attempt at kernel secure boot support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]