[Ksummit-2012-discuss] [ATTEND] ACPI, UEFI, kernel security
rostedt at goodmis.org
Wed Jun 27 17:35:42 UTC 2012
On Wed, 2012-06-27 at 18:24 +0100, Matthew Garrett wrote:
> If anything's able to write into kernel memory then I think we've
> already got fairly significant problems.
Which brings up an interesting point. IIRC, if a root hole is found in
one of the signed kernels, that signature will get blacklisted, such
that, that kernel will not boot anymore.
(side note) How is the firmware updated to handle changes in what's
accepted or not?
Is root holes found in Windows products going to have the same scrutiny?
> The model I was envisaging
> would involve the kernel verifying the kdump kernel when userspace loads
That's what I figured.
More information about the Ksummit-2012-discuss