
Re: [Xen-devel] Xen.efi and secure boot

  • To: George Dunlap <dunlapg@xxxxxxxxx>
  • From: Alan Cox <alan@xxxxxxxxxxxxxxxxxxx>
  • Date: Tue, 27 Nov 2012 11:20:03 +0000
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, "Keir \(Xen.org\)" <keir@xxxxxxx>, Ian Campbell <Ian.Campbell@xxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>
  • Delivery-date: Tue, 27 Nov 2012 11:16:00 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>

> ruling out third-party or out-of-tree drivers.  Ubuntu are not signing
> modules AIUI, so in theory someone could install a rootkit; but they think

They can anyway. If the kernel has a hole you can just stuff something
hidden in early early userspace boot (e.g. in the initrd) to re-trojan it.

Plus the next generation of devices mostly suspend/resume so it's hardly
that important anyway.

> that it's likely any local attacker is going to be able to attack the
> kernel anyway; on the balance having third-party drivers is more important
> to them.

Don't be misled into thinking this has anything much to do with security.
If you are trying to do security use the TPM and do a trusted measured
boot which gives you the keys to the file system which then uses signing
of its own.

> Nonetheless, Ubuntu are still signing kernels

In the UEFI sense they are not - nor are Fedora. They are signing a tiny
boot loader and implementing their own policy behind that. It's basically
a way around the Windows 8 lock down.

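The contrast Alan draws above, a signature on the kernel image alone versus a TPM measured boot that only hands out the filesystem key when every measured stage matches, as an added illustration that is not part of the thread and not Xen project code. The TPM, the boot stages, the vendor key and the filesystem key are all constructed placeholders; the "signature" is an HMAC standing in for the vendor's public-key signature, and the PCR extend rule is the standard H(old || H(component)).

```python
import hashlib
import hmac


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


class SimulatedTPM:
    """Toy model of one PCR plus a seal/unseal store. Constructed for this
    example; it is not a real TPM and the boot stages below are placeholders."""

    def __init__(self) -> None:
        self.pcr = bytes(32)   # PCRs read as all zeros after a platform reset
        self._sealed = {}      # handle -> (required PCR value, secret)

    def reset(self) -> None:
        # Sealed objects survive across boots; the PCR value does not.
        self.pcr = bytes(32)

    def extend(self, component: bytes) -> bytes:
        # PCR extend: new = H(old || H(component)); order and content both matter.
        self.pcr = sha256(self.pcr + sha256(component))
        return self.pcr

    def seal(self, handle: str, secret: bytes, required_pcr: bytes) -> None:
        self._sealed[handle] = (required_pcr, secret)

    def unseal(self, handle: str):
        # The secret is released only when the current PCR equals the sealed policy.
        required, secret = self._sealed[handle]
        return secret if hmac.compare_digest(self.pcr, required) else None


# Constructed stand-ins for the boot stages; a real chain would measure the
# actual binaries (firmware, shim, xen.efi, dom0 kernel, initrd).
GOOD_CHAIN = [b"firmware", b"shim", b"xen.efi", b"vmlinuz-dom0", b"initrd"]
TAMPERED_INITRD = GOOD_CHAIN[:-1] + [b"initrd+hidden-hook"]
REORDERED = [GOOD_CHAIN[0], GOOD_CHAIN[2], GOOD_CHAIN[1]] + GOOD_CHAIN[3:]
# Hypothetical filesystem key, 32 bytes.
FS_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)


def measured_boot(tpm: SimulatedTPM, stages) -> bytes:
    """Reset the platform and measure each stage in order; returns the final PCR."""
    tpm.reset()
    for blob in stages:
        tpm.extend(blob)
    return tpm.pcr


def fs_key_after_boot(stages):
    """Provision once with the known-good chain (seal the key to that PCR),
    then reboot with `stages` and attempt to unseal. None means no key."""
    tpm = SimulatedTPM()
    tpm.seal("fskey", FS_KEY, measured_boot(tpm, GOOD_CHAIN))
    measured_boot(tpm, stages)
    return tpm.unseal("fskey")


# Contrast: a check that covers the kernel image and nothing else. The HMAC
# under a constructed vendor key stands in for a vendor public-key signature.
VENDOR_KEY = b"constructed-vendor-signing-key"
KERNEL_SIG = hmac.new(VENDOR_KEY, b"vmlinuz-dom0", hashlib.sha256).digest()


def kernel_only_check(stages) -> bool:
    """Verify only the kernel image (stage index 3 in the constructed chain);
    the initrd and anything loaded after it are not covered at all."""
    tag = hmac.new(VENDOR_KEY, stages[3], hashlib.sha256).digest()
    return hmac.compare_digest(tag, KERNEL_SIG)


if __name__ == "__main__":
    for name, chain in (("good", GOOD_CHAIN), ("tampered initrd", TAMPERED_INITRD),
                        ("reordered", REORDERED)):
        print(f"{name:16s} kernel-only check: {kernel_only_check(chain)}  "
              f"fs key unsealed: {fs_key_after_boot(chain) is not None}")
```

The kernel-only check passes for the tampered initrd exactly as it does for the clean chain, which is the gap the reply describes: a signed kernel says nothing about what early userspace does. The sealed key, by contrast, is only returned when every measured stage matches in content and order; a modified initrd, or the same components measured in a different sequence, yields a different PCR and no key.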