On Mon, Aug 31, 2015 at 12:45:36PM -0400, Mimi Zohar wrote: > On Mon, 2015-08-31 at 17:05 +0100, David Woodhouse wrote: > > On Mon, 2015-08-31 at 10:18 -0400, Mimi Zohar wrote: > > > I'm not real happy about it, but since we can't break the existing ABI > > > of loading data into the kernel via a buffer, a stop gap method of > > > signing and verifying a buffer would be needed. > > > > Actually I think we can. The usermode helper is already being phased > > out. > > Right. The discussion has moved beyond just firmware, but to policies > and other things the kernel consumes. And I'm saying that if the pitch here is we should be vetting *all* buffers passed to the kernel I'd agree a generic interface is desriable but more importantly I think we should get everyone on board first and its not clear to me that has yet happened. For the other interfaces were discussing that *did* have an obvious file descriptor (struct fd), or file (struct file) use it would seem obvious to try to streamline that and share the code there (modules, firmware, kexec, initramfs, SELinux policy files), our only issues there were what to do about file that some distros require to be generated by machines and are machine specific (SELinux policy file in some cases, initramfs in some others) and for that Paul had suggested to consider the Machine Owner Key (MOK) -- but now for buffers.... its news to me we had everyone up in arms in agreement on that crusade. I didn't even know such crusade existed. I can see why, but was just not aware there was an effort to streamline a solution. Luis _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.