Re: [PATCH 01/12] Add BSD-style securelevel support

From: H. Peter Anvin
Date: Mon Sep 09 2013 - 12:43:16 EST

Next message: Matthew Garrett: "Re: [PATCH 01/12] Add BSD-style securelevel support"
Previous message: Kay Sievers: "Re: [BUG?] staging: zram: Add auto loading of module if user opens /dev/zram."
In reply to: Matthew Garrett: "Re: [PATCH 01/12] Add BSD-style securelevel support"
Next in thread: Matthew Garrett: "Re: [PATCH 01/12] Add BSD-style securelevel support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 09/09/2013 09:30 AM, Matthew Garrett wrote:
> On Mon, 2013-09-09 at 09:27 -0700, H. Peter Anvin wrote:
>
>> This will break or have to be redefined once you have signed kexec.
>
> Yeah. I wasn't really sure how to define it based on an implementation
> that isn't there yet - saying "kexec_load() of untrusted binaries"
> implies that there's some way to do it for trusted binaries.
>

However, this is the fundamental problem with securelevel: it assumes
there is not only a strict ordering between things to be secured, but
also that specific rings will remain the meaningful levels forever.

Neither of this tend to be true long time... which leads one back to
capabilities.

-hpa

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Matthew Garrett: "Re: [PATCH 01/12] Add BSD-style securelevel support"
Previous message: Kay Sievers: "Re: [BUG?] staging: zram: Add auto loading of module if user opens /dev/zram."
In reply to: Matthew Garrett: "Re: [PATCH 01/12] Add BSD-style securelevel support"
Next in thread: Matthew Garrett: "Re: [PATCH 01/12] Add BSD-style securelevel support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]