* Chris Murphy: > On Mon, Jun 27, 2022 at 1:56 AM Florian Weimer <fwei...@redhat.com> wrote: >> >> * Neal Gompa: >> >> > I treat Secure Boot purely as a compatibility interface. We need to do >> > just enough to get through the secure boot environment. >> >> Right. It's not even clear to me why we enforce kernel module >> signatures in Secure Boot mode, and disable a few other kernel features. > > If users can load arbitrary unsigned kernel modules or hibernation > images, it silently circumvents UEFI Secure Boot. I agree this is a > frustrating paradigm for users who want certain features like using > 3rd party modules with a Fedora kernel, or using locked down kernel > features, but I'm not sure what the alternative is.
Do we revoke signatures on Fedora kernels with ring 0 escalations? I don't think so. Other distributions share the same trust root and do not revoke kernel signatures, either. Doesn't this mean there is an existing bypass already, by booting through a vulnerable kernel, exploiting it, and then chain-loading another kernel with secure boot effectively disabled (but perhaps lying to userspace about the status)? Thanks, Florian _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
