[Ksummit-2012-discuss] [ATTEND] ACPI, UEFI, kernel security

Stefano Stabellini stefano.stabellini at eu.citrix.com
Thu Jun 28 13:48:59 UTC 2012


On Wed, 27 Jun 2012, James Bottomley wrote:
> On Wed, 2012-06-27 at 19:41 +0100, Matthew Garrett wrote:
> > On Wed, Jun 27, 2012 at 07:39:26PM +0100, James Bottomley wrote:
> > > On Wed, 2012-06-27 at 18:58 +0100, Matthew Garrett wrote:
> > > > If I can boot a signed Linux kernel and then use that to launch a 
> > > > trojaned Linux or Windows kernel then that signed kernel is likely to be 
> > > > blacklisted.
> > > 
> > > That's an extreme interpretation.  We can debate this at the kernel
> > > summit, but it's my belief that no-one, least of all Microsoft, the only
> > > possible CA for UEFI keys, is going to blacklist a Linux Key on the
> > > grounds that there's a possible trojan vector.
> > 
> > Sure, it's unlikely that anything will be blacklisted on a hypothetical. 
> > But it's not like writing winkexec would be difficult.
> > 
> > > Just look at Ubuntu's current secure boot plans: They're going to do a
> > > winqual signed elilo that will initially boot unsigned kernels.
> > > Microsoft seems to be happy with that
> > 
> > (Citation needed)
> 
> It's 
> 
> https://lists.ubuntu.com/archives/ubuntu-devel/2012-June/035445.html
> 
> Kernel Signing: ... "Therefore, we will only be requiring authentication
> of boot loader binaries.  Ubuntu will not require signed kernel images
> or kernel modules."
> 
> Or did you mean citation of "Microsoft seems happy with it"?  I was just
> taking that from the fact that there's been no negative Redmond reaction
> to the publicly posted plans.

I doubt that Microsoft is actually aware of Ubuntu's plans, even if they
have been posted to a mailing list that has public archives.

It would be nice to have a real confirmation.


More information about the Ksummit-2012-discuss mailing list