From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752728AbaBZWWK (ORCPT ); Wed, 26 Feb 2014 17:22:10 -0500
Received: from lxorguk.ukuu.org.uk ([81.2.110.251]:43340 "EHLO
        lxorguk.ukuu.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751219AbaBZWWI (ORCPT );
        Wed, 26 Feb 2014 17:22:08 -0500
Date: Wed, 26 Feb 2014 22:21:51 +0000
From: One Thousand Gnomes
To: Kees Cook
Cc: Matthew Garrett , LKML , Greg KH , "H. Peter Anvin" ,
        "linux-efi@vger.kernel.org" , James Morris , linux-security-module
Subject: Re: Trusted kernel patchset for Secure Boot lockdown
Message-ID: <20140226222151.78854cd8@alan.etchedpixels.co.uk>
In-Reply-To:
References: <1393445473-15068-1-git-send-email-matthew.garrett@nebula.com>
Organization: Intel Corporation
X-Mailer: Claws Mail 3.8.1 (GTK+ 2.24.20; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

> > kernel was trusted - untrusted userspace could have set it on an untrusted
> > kernel, but by the same metric an untrusted kernel could just set it itself.
> >
> > If people object to this name then I swear to god that I will open a poll
> > on Phoronix to decide the next attempt and you will like that even less.

Go on open the poll - I dare you. But don't be shocked if it ends up being
called "Eric" or "Icanhazsigs" 8)

> For the Chrome OS use-case, it might be better described as "untrusted
> userspace", but that seems unfriendly. :) The "trusted kernel" name
> seems fine to me.

Trusted is rather misleading. It's not trusted, it's *measured*. It's the
same bits you had when you made it, and when you booted it before. Whether
you trust them is a different and quite unrelated question. You may have
reasons to do either.

Alan