From owner-freebsd-hackers@freebsd.org Thu Mar 30 03:28:46 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3FBDBD17C11; Thu, 30 Mar 2017 03:28:46 +0000 (UTC) (envelope-from eric@metricspace.net) Received: from mail.metricspace.net (mail.metricspace.net [IPv6:2001:470:1f11:617::107]) by mx1.freebsd.org (Postfix) with ESMTP id 15619A26; Thu, 30 Mar 2017 03:28:46 +0000 (UTC) (envelope-from eric@metricspace.net) Received: from [IPv6:2001:470:1f11:617:3210:b3ff:fe77:ca3f] (unknown [IPv6:2001:470:1f11:617:3210:b3ff:fe77:ca3f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: eric) by mail.metricspace.net (Postfix) with ESMTPSA id 1BD361911; Thu, 30 Mar 2017 03:28:45 +0000 (UTC) Subject: Re: Proposal for a design for signed kernel/modules/etc To: Konstantin Belousov References: <6f6b47ed-84e0-e4c0-9df5-350620cff45b@metricspace.net> <20170330032528.GT43712@kib.kiev.ua> Cc: "freebsd-hackers@freebsd.org" , freebsd-security@freebsd.org From: Eric McCorkle Message-ID: <164dec90-bfa3-4446-2ecb-49b257188d42@metricspace.net> Date: Wed, 29 Mar 2017 23:28:31 -0400 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <20170330032528.GT43712@kib.kiev.ua> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="02EUP2gS58WSV5tTurcbE566WE2PgVkSs" X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Mar 2017 03:28:46 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --02EUP2gS58WSV5tTurcbE566WE2PgVkSs Content-Type: multipart/mixed; boundary="R4DT45iS3jdpLXk254IxS0UoUD1adVm26"; protected-headers="v1" From: Eric McCorkle To: Konstantin Belousov Cc: "freebsd-hackers@freebsd.org" , freebsd-security@freebsd.org Message-ID: <164dec90-bfa3-4446-2ecb-49b257188d42@metricspace.net> Subject: Re: Proposal for a design for signed kernel/modules/etc References: <6f6b47ed-84e0-e4c0-9df5-350620cff45b@metricspace.net> <20170330032528.GT43712@kib.kiev.ua> In-Reply-To: <20170330032528.GT43712@kib.kiev.ua> --R4DT45iS3jdpLXk254IxS0UoUD1adVm26 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 03/29/2017 23:25, Konstantin Belousov wrote: > First, you mix or do not understand a difference between section and se= gment. > Second, this scheme allows to add loadable segments after signing. > Third, most important, it has zero chances of working for amd64 modules= =2E That design has been abandoned in later discussions. --R4DT45iS3jdpLXk254IxS0UoUD1adVm26-- --02EUP2gS58WSV5tTurcbE566WE2PgVkSs Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEzzhiNNveVG6nWjcH1w0wQIFco2cFAljce18ACgkQ1w0wQIFc o2f9kw/5AXtlmgobBmv1OUs4fhHn6i4+2PFV/nJey5twu3kyuJQZdUwl4TIudVy3 +ycN6lds4inoMfd+vx3sBCDW9rlN7L9/Ovuq6fYy3DBhX6k8GncCcgHyLpu9Wwxa U3IRW+mRUzo6feOnxl//0h6gqJzHWAIoxTlB49Lyh9gbwZWdVd+Mammj/i5FDgrp iaC57Zz1G/zlm0Ry4No7kloMUoJJXOPy1+ZBnM2VlGpA94hcJVCy5tnbQbMATQd9 6sJwGyW3ofOkr4b8/jzjK7N2wPHr/0JRZufMrxxarKqz8eRS6xtPf7ZNLV83oVxc rt/mPFiH+ZcWDtek1RlNNKUsvAmMzdy18G7QF0n8knI0YsW4Iv1dJts6TodRfhOm pDk0Iau+7bIe0LnALN82N2lMH9zwUE+iykYQC3SttooNRhYGs3lU4/MN7bt3Z3EB ErT5tadl6y8aRgMsO+1M1xAdF+AsrQ5WX31Op+2kCS3/PtDE3G2uP1xh2KJXYjPN s+WyU0n+THlqN2LIw4cESrnlEZUcVmqtjGcTjyQYbYNw8w6rZOSAECGZ9YOi+A78 FXJijg3HwcZ/Uv+KrnjpWTnnXYy8YPDcmq0zankjGwDEmUtfsalpqm2VpCTyjct9 ucgEPDX97GQTt0j3ZDRhSmPOzbYRmAAa0i9j+1BaNeRWbBH6SEk= =dYAg -----END PGP SIGNATURE----- --02EUP2gS58WSV5tTurcbE566WE2PgVkSs--