On 01/11/2013 01:08 PM, Vivek Goyal wrote: >> >> A signed /sbin/kexec would realistically have to be statically linked, >> at least in the short term; otherwise the libraries and ld.so would need >> verification as well. > > Yes. That's the expectation. Sign only statically linked exeutables which > don't do any of dlopen() stuff either. > > In fact in the patch, I fail the exec() if signed executable has > interpreter. > As I said, though (and possibly not for kexec, that depends): in the long term we probably want a way to be able to sign all kinds binaries in the system. -hpa -- H. Peter Anvin, Intel Open Source Technology Center I work for Intel. I don't speak on their behalf.
