From: Alexander Holler <holler@ahsoftware.de>
To: Michal Marek <mmarek@suse.cz>, linux-kernel@vger.kernel.org
Cc: linux-kbuild@vger.kernel.org, David Howells <dhowells@redhat.com>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: [PATCH] modsign: provide option to automatically delete the key after modules were installed
Date: Fri, 23 Jan 2015 13:34:42 +0100 [thread overview]
Message-ID: <54C23FE2.9030303@ahsoftware.de> (raw)
In-Reply-To: <54C2367C.4000909@ahsoftware.de>
Am 23.01.2015 um 12:54 schrieb Alexander Holler:
> Am 23.01.2015 um 12:43 schrieb Alexander Holler:
>> Am 23.01.2015 um 11:55 schrieb Michal Marek:
>
>>> The .x509 file contains a certificate signed by the private key, but not
>>> the private key. With some scripting, it can be used to verify the
>>> module signatures.
>>
>>
>> Assuming that doesn't change (hopefully), I'll send v2 in a few minutes
>> (it just compiles in order to test it). Thanks for assuring me that
>> .x509 does not and will not contain the private key.
>
> I'm happy I did that. Just deleting the private key currently doesn't
> work. A subsequent make fails:
>
> -----------------------------
> (...)
> INSTALL arch/x86/crypto/aesni-intel.ko
> Can't read private key
> (...)
> -----------------------------
>
> Maybe that's the reason I've always deleted both files, can't remember.
>
> I will see if I find the time and passion to change the Makefile in
> order to fix that. So you might either use my existing patch or wait if
> I will send a new one.
Having had a look at the Makefile, I don't think I will change that. The
reasons are:
1. I have no idea about how distro maintainers do handle their private
and public keys used to sign modules.
2. There might be legitimate reasons to build the kernel using only the
public key and not regenerating it because the private key doesn't exist.
3. I don't see any real reason not to delete the public key too if this
new option is enabled. For me it's enough if the kernel is able to
verify the modules with the embedded public key. For other usage
scenarios one just should not use the new option.
4. With some scripting it should be possible to extract the public key
out of an existing binary kernel. So there is no real need to change the
already complicated build process which might make it even more complicated.
That means I'm still happy with the patch. So feel free to ignore or
apply it.
Regards,
Alexander Holler
next prev parent reply other threads:[~2015-01-23 12:34 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-23 1:20 [PATCH] modsign: provide option to automatically delete the key after modules were installed Alexander Holler
2015-01-23 9:24 ` Michal Marek
2015-01-23 9:39 ` Alexander Holler
2015-01-23 10:15 ` Alexander Holler
2015-01-23 10:55 ` Michal Marek
2015-01-23 11:43 ` Alexander Holler
2015-01-23 11:54 ` Alexander Holler
2015-01-23 12:34 ` Alexander Holler [this message]
2015-01-23 18:26 ` Alexander Holler
2015-01-23 12:56 ` David Howells
2015-01-23 13:27 ` Alexander Holler
2015-01-23 13:35 ` Alexander Holler
2015-01-23 21:57 ` [PATCH] modsign: overwrite keys with zero before deleting them Alexander Holler
2015-01-23 22:06 ` Richard Weinberger
2015-01-23 22:16 ` Alexander Holler
2015-01-23 23:58 ` David Howells
2015-01-24 0:13 ` Alexander Holler
2015-01-24 1:27 ` Pádraig Brady
2015-01-24 10:45 ` [PATCH v2] modsign: use shred to overwrite the private key before deleting it Alexander Holler
2015-01-24 11:37 ` Alexander Holler
2015-01-24 12:09 ` Alexander Holler
2015-01-24 12:29 ` Alexander Holler
2015-01-25 2:13 ` Pádraig Brady
2015-01-25 2:43 ` Alexander Holler
2015-01-25 10:32 ` Alexander Holler
2015-01-25 10:57 ` Alexander Holler
2015-01-25 11:42 ` Alexander Holler
2015-01-25 12:04 ` Alexander Holler
2015-01-25 12:08 ` Richard Weinberger
2015-01-25 12:24 ` Alexander Holler
2015-01-25 12:28 ` Richard Weinberger
2015-01-25 12:57 ` Alexander Holler
2015-01-25 12:36 ` Alexander Holler
2015-01-25 13:46 ` Alexander Holler
2015-01-29 22:39 ` Alexander Holler
2015-07-18 21:56 ` [PATCH] modsign: provide option to automatically delete the key after modules were installed Alexander Holler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54C23FE2.9030303@ahsoftware.de \
--to=holler@ahsoftware.de \
--cc=dhowells@redhat.com \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mmarek@suse.cz \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.