Re: [PATCH 14/16] kexec: Export sysfs attributes for secureboot andsecure modules to user space

From: Josh Boyer
Date: Tue Sep 10 2013 - 18:57:59 EST

Next message: Al Viro: "Re: linux-next: manual merge of the akpm tree with Linus' tree"
Previous message: Wei Yongjun: "[PATCH] drm/msm: fix return value check in ERR_PTR()"
In reply to: Vivek Goyal: "Re: [PATCH 14/16] kexec: Export sysfs attributes for secureboot andsecure modules to user space"
Next in thread: Vivek Goyal: "Re: [PATCH 14/16] kexec: Export sysfs attributes for secureboot andsecure modules to user space"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Sep 10, 2013 at 5:44 PM, Vivek Goyal <vgoyal@xxxxxxxxxx> wrote:
> User space kexec-tools need to know whether to verify signature of kernel
> image being loaded. This patch exports two knobs to user space. One is
> for knowing if secureboot is enabled, this knob will be set to 1 if secure
> boot is enabled. Other knob is secure_module_enabled. This knob will be set
> to 1 if secure modules is one.
>
> kexec-tools will verify signature of kernel image if either secureboot is
> enabled or secure modules is enabled. The only difference between two is
> that kexec-tools will set secureboot on in bootparams being passed to
> second kernel if secureboot is on in first kernel.
>
> Signed-off-by: Vivek Goyal <vgoyal@xxxxxxxxxx>
> ---
> kernel/ksysfs.c | 25 +++++++++++++++++++++++++
> 1 file changed, 25 insertions(+)
>
> diff --git a/kernel/ksysfs.c b/kernel/ksysfs.c
> index 6ada93c..7262245 100644
> --- a/kernel/ksysfs.c
> +++ b/kernel/ksysfs.c
> @@ -18,6 +18,8 @@
> #include <linux/stat.h>
> #include <linux/sched.h>
> #include <linux/capability.h>
> +#include <linux/efi.h>
> +#include <linux/module.h>
>
> #define KERNEL_ATTR_RO(_name) \
> static struct kobj_attribute _name##_attr = __ATTR_RO(_name)
> @@ -101,6 +103,25 @@ static ssize_t kexec_crash_loaded_show(struct kobject *kobj,
> }
> KERNEL_ATTR_RO(kexec_crash_loaded);
>
> +static ssize_t secureboot_enabled_show(struct kobject *kobj,
> + struct kobj_attribute *attr, char *buf)
> +{
> + /* TODO: Change it once secureboot patches are in */
> + return sprintf(buf, "%d\n", 1);
> +}
> +KERNEL_ATTR_RO(secureboot_enabled);

You're defaulting this to enabled, even on machines where SB isn't
possible. I realize there are TODOs there, but you might want to
default it to off if you really intend this on going upstream before
any of the other secure_* infrastructure does.

> +
> +static ssize_t secure_modules_enabled_show(struct kobject *kobj,
> + struct kobj_attribute *attr, char *buf)
> +{
> + /*
> + * TODO: Change it once secure_modules() or secure_level() patches
> + * are in
> + */
> + return sprintf(buf, "%d\n", 1);
> +}
> +KERNEL_ATTR_RO(secure_modules_enabled);
> +

Similarly, this should either default to off, or just return the value
of sig_enforce. You can replace the open coded sig_enforce with
secure_modules if/when it goes upstream.

josh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Al Viro: "Re: linux-next: manual merge of the akpm tree with Linus' tree"
Previous message: Wei Yongjun: "[PATCH] drm/msm: fix return value check in ERR_PTR()"
In reply to: Vivek Goyal: "Re: [PATCH 14/16] kexec: Export sysfs attributes for secureboot andsecure modules to user space"
Next in thread: Vivek Goyal: "Re: [PATCH 14/16] kexec: Export sysfs attributes for secureboot andsecure modules to user space"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]