On Tue, 2025-04-29 at 15:04 +0200, Thomas Weißschuh wrote: > The current signature-based module integrity checking has some > drawbacks in combination with reproducible builds: > Either the module signing key is generated at build time, which makes > the build unreproducible,
I don't believe it does: as long as you know what the key was, which you can get from the kernel keyring, you can exactly reproduce the core build (it's a public key after all and really equivalent to built in configuration). Is the fact that you have to boot the kernel to get the key the problem? In which case we could insist it be shipped in the kernel packaging. > or a static key is used, which precludes rebuilds by third parties > and makes the whole build and packaging process much more > complicated. No, it's the same as above ... as long as you have the public key you can reproduce the core build with the same end to end hash. However, is there also a corresponding question of how we verify reproduceability of kernel builds (and the associated modules ... I assume for the modules you do strip the appended signature)? I assume you're going by the secure boot hash (authenticode hash of the efi stub and the compressed payload which includes the key). However, if we had the vmlinux.o we could do a much more nuanced hash to verify the build, say by placing the keyring data in a section that isn't hashed. Regards, James
