On Fri, Nov 02, 2012 at 03:42:48PM +0000, Matthew Garrett wrote: > On Fri, Nov 02, 2012 at 11:30:48AM -0400, Vivek Goyal wrote: > > > "crash" utility has module which allows reading kernel memory. So leaking > > this private key will be easier then you are thinking it to be. > > That's not upstream, right? Yes, checked with Dave, it is not upstream. Well, still it is a concern for distro kernel. So if we keep private key in kernel, looks like we shall have to disable one more feature in secureboot mode. Thanks Vivek -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
