[Ksummit-2012-discuss] [ATTEND] ACPI, UEFI, kernel security
Rafael J. Wysocki
rjw at sisk.pl
Wed Jun 27 19:03:33 UTC 2012
On Wednesday, June 27, 2012, Steven Rostedt wrote:
> On Wed, 2012-06-27 at 19:28 +0200, Jiri Kosina wrote:
> > On Wed, 27 Jun 2012, Matthew Garrett wrote:
> > > If anything's able to write into kernel memory then I think we've
> > > already got fairly significant problems. The model I was envisaging
> > > would involve the kernel verifying the kdump kernel when userspace loads
> > > it.
> > It's not an exception when kernel security vulnerability gives the
> > attacker the possibility to overwrite arbitrary memory locations. As UEFI
> > secure boot is apparently not able to provide any
> > protection/countermeasure against this, I am really wondering what it is
> > good for in reality.
> Exactly. As soon as any signed kernel (Windows, Linux or other) has a
> root hole that can modify kernel memory, the entire system has been
> Thus, what is this protecting? Just a bigger wall for crackers to leap
But for Microsofr it's kind of easier to pretend that their kernel doesn't
contain any root holes (or equivalent).
More information about the Ksummit-2012-discuss