On Fri, Aug 17, 2012 at 1:44 PM, Josh Boyer <jwbo...@gmail.com> wrote: >> I still think the signed_modules_install script, renamed to something >> like ephemeral_signed_modules_install, is worthwhile and becomes a >> convience tool for the developer, wanting to use ephemeral keys. The >> private key, in Dmitry's updated patches soon to be posted, will be >> password protected with a random number, that is only accessible to the >> current shell. > > I think the existence of an additional make target for signed modules > is really confusing. Particularly when you consider the target still > exists even if the kernel isn't setup to work with signed modules. If > the config options are set, just have 'make modules_install' do it and > create a key if one doesn't exist (or better yet, have 'make' do it). > > Also... password protecting the key that only responds to the current > shell really sounds like a show-stopper for this being used by distros. > There is no way a distro is going to be able to type a password in > during a kernel build. It completely removes the usability of distros > that want to use a per-kernel build ephemeral key. If you're going to > do this, please wrap it in a kconfig option so the second distro case > I mentio above is still possible.
Here's a suggestion that might help the discussion. In the next revision of the patch set, include a document in Documentation/ that covers the module signing design, the purposes it's intended to fit, and a high level description of the various module loading scenarios (signed, unsigned, signed with a key not in the keyring, etc). That way we can at least see at a higher level what the thinking behind the implemenation is. I think some of our back and forth (while good!) is because we see signed modules being used for different purposes. josh -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
