Re: Linux Firmware Signing

From: Joshua Brindle
Date: Tue Sep 01 2015 - 10:13:07 EST

Next message: Thomas Graf: "Re: [PATCH 2/3] rhashtable-test: retry insert operations in threads"
Previous message: Srinivas Pandruvada: "Re: [PATCH v2 4/4] iio: bmc150: Add SPI driver"
Next in thread: Roberts, William C: "RE: Linux Firmware Signing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Paul Moore wrote:
<snip>

Yes, there are lots of way we could solve the signed policy format
issue, I just don't have one in mind at this moment. Also, to be
honest, there are enough limitations to signing SELinux policies that
this isn't very high onmy personal SELinux priority list.

The fact that there are so many userspace specific parts of the policy that never make it into the kernel precludes any meaningful verification anyway.

And SELinux already has a mechanism for raising the integrity of a process to do things like signature checking in userspace, the domain transition. If someone wants validation of the SELinux policy they just need to eliminate every domains ability to load policy except for a trusted policy loader that does signature checking.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Thomas Graf: "Re: [PATCH 2/3] rhashtable-test: retry insert operations in threads"
Previous message: Srinivas Pandruvada: "Re: [PATCH v2 4/4] iio: bmc150: Add SPI driver"
Next in thread: Roberts, William C: "RE: Linux Firmware Signing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]