On 5/12/19 7:52 AM, Mimi Zohar wrote:
> On Sun, 2019-05-12 at 11:17 +0200, Dominik Brodowski wrote:
>> On Thu, May 09, 2019 at 01:24:17PM +0200, Roberto Sassu wrote:
>>> This proposal consists in marshaling pathnames and xattrs in a file called
>>> .xattr-list. They are unmarshaled by the CPIO parser after all files have
>>> been extracted.
>>
>> Couldn't this parsing of the .xattr-list file and the setting of the xattrs
>> be done equivalently by the initramfs' /init? Why is kernel involvement
>> actually required here?
>
> It's too late. The /init itself should be signed and verified.

If the initramfs cpio.gz image was signed and verified by the extractor, how is
the init in it _not_ verified?

Rob