[SRU,J,0/6] linux: Staging modules should be unsigned (LP: #1642368)

Message ID 20221215072708.466941-1-juerg.haefliger@canonical.com

Message

Juerg Haefliger Dec. 15, 2022, 7:27 a.m. UTC
Modules under the drivers/staging hierarchy get little attention when it comes to vulnerabilities. It is possible that memory mapping tricks that expose kernel internals would go unnoticed. Therefore, do not sign staging modules so that they cannot be loaded in a secure boot environment.

[juergh: This functionality has been disabled accidentally in impish and
 subsequently fixed (and enhanced) in kinetic. Bring that back to jammy.]

Juerg Haefliger (6):
  UBUNTU: [Packaging] Move and update signature inclusion list
  UBUNTU: SAUCE: Add selective signing of staging modules
  UBUNTU: [Packaging] Add module-signature-check
  UBUNTU: [Packaging] module-signature-check: Check
    debian.<foo>/signature-inclusion
  UBUNTU: [Packaging] Introduce debian/scripts/sign-module
  UBUNTU: SAUCE: Switch to using debian/scripts/sign-module

 debian/rules.d/4-checks.mk                    |  9 ++-
 debian/scripts/module-signature-check         | 76 +++++++++++++++++++
 debian/scripts/sign-module                    | 40 ++++++++++
 .../staging => debian}/signature-inclusion    |  7 --
 scripts/Makefile.modinst                      |  8 +-
 5 files changed, 129 insertions(+), 11 deletions(-)
 create mode 100755 debian/scripts/module-signature-check
 create mode 100755 debian/scripts/sign-module
 rename {drivers/staging => debian}/signature-inclusion (73%)
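As an added illustration (not the series' own debian/scripts/module-signature-check), a POSIX shell check that enforces the policy the cover letter describes: every module under a staging tree must be unsigned unless it appears on an inclusion list, in which case it must be signed. The one-filename-per-line list format and the placeholder module files are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the series' module-signature-check. Assumptions: the
# inclusion list holds one module filename per line ('#' comments allowed)
# and modules are uncompressed .ko files.
set -u

# Trailer the kernel's sign-file appends after a module signature.
MODULE_SIG_STRING='~Module signature appended~'

# is_signed <file>: true if the file ends with the kernel signature trailer.
is_signed() {
    tail -c 64 "$1" | grep -q "$MODULE_SIG_STRING"
}

# check_staging_modules <dir> <inclusion-list>
# Listed modules must be signed; every other staging module must be
# unsigned so a secure-boot/lockdown kernel refuses to load it.
# Prints one line per violation and returns 1 if any were found.
check_staging_modules() {
    violations=$(find "$1" -name '*.ko' | sort | while read -r ko; do
        name=${ko##*/}
        if grep -v '^#' "$2" | grep -qxF "$name"; then
            is_signed "$ko" || echo "MISSING SIGNATURE: $ko"
        elif is_signed "$ko"; then
            echo "UNEXPECTED SIGNATURE: $ko"
        fi
    done)
    [ -z "$violations" ] && return 0
    printf '%s\n' "$violations"
    return 1
}

# demo_tree: constructed sample tree (placeholder bytes, not real ELF
# modules). Prints the temporary directory it creates.
demo_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/staging/sub"
    printf 'allowed.ko\n# comment\nmissing.ko\n' > "$root/signature-inclusion"
    signed='ELF-placeholder\nsigblob\n'"$MODULE_SIG_STRING"'\n'
    printf "$signed" > "$root/staging/allowed.ko"      # listed + signed: ok
    printf 'ELF-placeholder\n' > "$root/staging/missing.ko"  # listed, unsigned
    printf 'ELF-placeholder\n' > "$root/staging/sub/plain.ko" # unlisted: ok
    printf "$signed" > "$root/staging/sub/rogue.ko"    # unlisted but signed
    echo "$root"
}

# Run the check on the constructed tree and report the outcome.
demo=$(demo_tree)
check_staging_modules "$demo/staging" "$demo/signature-inclusion" \
    && echo "staging modules conform to policy" || echo "policy violations found"
rm -rf "$demo"
```

Against a real build, point the function at the installed drivers/staging module directory and the packaging's signature-inclusion file.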

Comments

Stefan Bader Feb. 2, 2023, 9:03 a.m. UTC | #1
On 15.12.22 08:27, Juerg Haefliger wrote:
> Modules under the drivers/staging hierarchy get little attention when it comes to vulnerabilities. It is possible that memory mapping tricks that expose kernel internals would go unnoticed. Therefore, do not sign staging modules so that they cannot be loaded in a secure boot environment.
> 
> [juergh: This functionality has been disabled accidentally in impish and
>   subsequently fixed (and enhanced) in kinetic. Bring that back to jammy.]
> 
> Juerg Haefliger (6):
>    UBUNTU: [Packaging] Move and update signature inclusion list
>    UBUNTU: SAUCE: Add selective signing of staging modules
>    UBUNTU: [Packaging] Add module-signature-check
>    UBUNTU: [Packaging] module-signature-check: Check
>      debian.<foo>/signature-inclusion
>    UBUNTU: [Packaging] Introduce debian/scripts/sign-module
>    UBUNTU: SAUCE: Switch to using debian/scripts/sign-module
> 
>   debian/rules.d/4-checks.mk                    |  9 ++-
>   debian/scripts/module-signature-check         | 76 +++++++++++++++++++
>   debian/scripts/sign-module                    | 40 ++++++++++
>   .../staging => debian}/signature-inclusion    |  7 --
>   scripts/Makefile.modinst                      |  8 +-
>   5 files changed, 129 insertions(+), 11 deletions(-)
>   create mode 100755 debian/scripts/module-signature-check
>   create mode 100755 debian/scripts/sign-module
>   rename {drivers/staging => debian}/signature-inclusion (73%)
> 
Sorry, too much other noise. So with confirmation that what gets dropped was 
reviewed and that we should be past 22.04.2 when this would be applied first 
time (to give some time to shake out the issues).

Acked-by: Stefan Bader <stefan.bader@canonical.com>
Luke Nowakowski-Krijger March 9, 2023, 8:10 p.m. UTC | #2
A little bit of a late review but..

Acked-by: Luke Nowakowski-Krijger <luke.nowakowskikrijger@canonical.com>

On Wed, Dec 14, 2022 at 11:28 PM Juerg Haefliger <
juerg.haefliger@canonical.com> wrote:

> Modules under the drivers/staging hierarchy get little attention when it
> comes to vulnerabilities. It is possible that memory mapping tricks that
> expose kernel internals would go unnoticed. Therefore, do not sign staging
> modules so that they cannot be loaded in a secure boot environment.
>
> [juergh: This functionality has been disabled accidentally in impish and
>  subsequently fixed (and enhanced) in kinetic. Bring that back to jammy.]
>
> Juerg Haefliger (6):
>   UBUNTU: [Packaging] Move and update signature inclusion list
>   UBUNTU: SAUCE: Add selective signing of staging modules
>   UBUNTU: [Packaging] Add module-signature-check
>   UBUNTU: [Packaging] module-signature-check: Check
>     debian.<foo>/signature-inclusion
>   UBUNTU: [Packaging] Introduce debian/scripts/sign-module
>   UBUNTU: SAUCE: Switch to using debian/scripts/sign-module
>
>  debian/rules.d/4-checks.mk                    |  9 ++-
>  debian/scripts/module-signature-check         | 76 +++++++++++++++++++
>  debian/scripts/sign-module                    | 40 ++++++++++
>  .../staging => debian}/signature-inclusion    |  7 --
>  scripts/Makefile.modinst                      |  8 +-
>  5 files changed, 129 insertions(+), 11 deletions(-)
>  create mode 100755 debian/scripts/module-signature-check
>  create mode 100755 debian/scripts/sign-module
>  rename {drivers/staging => debian}/signature-inclusion (73%)
Stefan Bader March 13, 2023, 10:50 a.m. UTC | #3
On 15.12.22 08:27, Juerg Haefliger wrote:
> Modules under the drivers/staging hierarchy get little attention when it comes to vulnerabilities. It is possible that memory mapping tricks that expose kernel internals would go unnoticed. Therefore, do not sign staging modules so that they cannot be loaded in a secure boot environment.
> 
> [juergh: This functionality has been disabled accidentally in impish and
>   subsequently fixed (and enhanced) in kinetic. Bring that back to jammy.]
> 
> Juerg Haefliger (6):
>    UBUNTU: [Packaging] Move and update signature inclusion list
>    UBUNTU: SAUCE: Add selective signing of staging modules
>    UBUNTU: [Packaging] Add module-signature-check
>    UBUNTU: [Packaging] module-signature-check: Check
>      debian.<foo>/signature-inclusion
>    UBUNTU: [Packaging] Introduce debian/scripts/sign-module
>    UBUNTU: SAUCE: Switch to using debian/scripts/sign-module
> 
>   debian/rules.d/4-checks.mk                    |  9 ++-
>   debian/scripts/module-signature-check         | 76 +++++++++++++++++++
>   debian/scripts/sign-module                    | 40 ++++++++++
>   .../staging => debian}/signature-inclusion    |  7 --
>   scripts/Makefile.modinst                      |  8 +-
>   5 files changed, 129 insertions(+), 11 deletions(-)
>   create mode 100755 debian/scripts/module-signature-check
>   create mode 100755 debian/scripts/sign-module
>   rename {drivers/staging => debian}/signature-inclusion (73%)
> 

Applied to jammy:linux/master-next. Thanks.

-Stefan