Re: [RFC PATCH 00/18 v3] Signature verification of hibernate snapshot

From: Florian Weimer
Date: Sun Sep 01 2013 - 06:41:43 EST

Next message: Jiri Olsa: "[PATCH 07/25] perf tests: Add session reading test for big endian perf data"
Previous message: Jiri Olsa: "[PATCH 12/25] perf tools: Separate version 2 specific perf data header bits"
Next in thread: Matthew Garrett: "Re: [RFC PATCH 00/18 v3] Signature verification of hibernatesnapshot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* joeyli:

> Yes, Matthew raised this concern at before. I modified patch to load
> private key in efi stub kernel, before ExitBootServices(), that means we
> don't need generate key-pair at every system boot. So, the above
> procedure of efi bootloader will only run one time.

But if you don't generate fresh keys on every boot, the persistent
keys are mor exposed to other UEFI applications. Correct me if I'm
wrong, but I don't think UEFI variables are segregated between
different UEFI applications, so if anyone gets a generic UEFI variable
dumper (or setter) signed by the trusted key, this cryptographic
validation of hibernate snapshots is bypassable.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jiri Olsa: "[PATCH 07/25] perf tests: Add session reading test for big endian perf data"
Previous message: Jiri Olsa: "[PATCH 12/25] perf tools: Separate version 2 specific perf data header bits"
Next in thread: Matthew Garrett: "Re: [RFC PATCH 00/18 v3] Signature verification of hibernatesnapshot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]