Date: Wed, 30 Aug 2017 21:21:20 -0400 (EDT) From: Daniel Eischen <deischen@freebsd.org> To: Ian Lepore <ian@freebsd.org> Cc: "Simon J. Gerraty" <sjg@juniper.net>, freebsd-arch@freebsd.org Subject: Re: Import BearSSL ? (Adding verification to loader) Message-ID: <Pine.GSO.4.64.1708302116090.22940@sea.ntplx.net> In-Reply-To: <1504132983.56799.90.camel@freebsd.org> References: <44449.1497382261@kaos.jnpr.net> <CAPyFy2BEhPEsFJNj2Gfieb%2BDJ-O9nWR6%2Bwpu-5Ahfia69ohfcQ@mail.gmail.com> <24256.1504130148@kaos.jnpr.net> <1504132983.56799.90.camel@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 30 Aug 2017, Ian Lepore wrote: > On Wed, 2017-08-30 at 14:55 -0700, Simon J. Gerraty wrote: >> Hi, >> >> Background: >> >> I've been adding what amounts to a mini "verified exec" to the freebsd >> loader for use in Junos. >> >> What this means is that the loader verifies the kernel and all the >> modules before loading them, and can reject anything for which a >> registered fingerprint (eg. sha1 hash) does not match. [ ... ] > > We need this exact feature (verification of kernel and modules) for an > upcoming product at work. =A0Including the library code in contrib > certainly sounds attractive to me, too. > > I wouldn't be surprised if interest in this goes beyond those of us > building embedded appliances. Indeed, why couldn't it be enabled by default for FreeBSD.org packaged distribs? Or am I jumping the gun by a few years? --=20 DE From owner-freebsd-arch@freebsd.org Thu Aug 31 01:55:39 2017 Return-Path: <owner-freebsd-arch@freebsd.org> Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6598DE10CBD for <freebsd-arch@mailman.ysv.freebsd.org>; Thu, 31 Aug 2017 01:55:39 +0000 (UTC) (envelope-from amutu@amutu.com) Received: from mail-oi0-x22c.google.com (mail-oi0-x22c.google.com [IPv6:2607:f8b0:4003:c06::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1F8DC63B0A for <freebsd-arch@freebsd.org>; Thu, 31 Aug 2017 01:55:39 +0000 (UTC) (envelope-from amutu@amutu.com) Received: by mail-oi0-x22c.google.com with SMTP id r203so65038734oih.0 for <freebsd-arch@freebsd.org>; Wed, 30 Aug 2017 18:55:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amutu-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=LvgYARGA/Dr/L4RHVKdA2DtdzqlDu5CZSad95KovYkM=; b=bg3faZ/Qj6T8cubfCRuz3fVRaptGFgMxSvidad1XS6lv6zhI3MxE5fxBQRZ7k7P46c sKQhff0WCj/52yO6S2WQ/yeRxpjmBtLIBJVVce4tJ2RHDfkUGs5tToxmJc2WBC1wWTqo 2L37/ANkW9TLBJkxdrZeMvgVOBZjFjGyM8O50uyIb9cPvMySoRfj48rYwOJPWEh65+bB RTHr0R/y9/n5gYH5MX+WZXi95Zv7UWRd4zP9YJQKwqN02+mVMLyffRgSMPDt8PG8bqZK mavAe7WsHy2yeYGL7HaYN7RGQnQci4wn8OoKLmvOciP4ksotQKxlONpUnagAp6bEukpE r3ww== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=LvgYARGA/Dr/L4RHVKdA2DtdzqlDu5CZSad95KovYkM=; b=NzJ85Ko0iuhAmIFeeWUEpfj8whIYeSBgr4t0JK8sXIW+SIGOXZGJkBM3SGKUe9h7yG i0PJuBVgyDJkLoYrV0UwfBxcE7zyRio1+8ZT1jDoEsfz9Ic7auEblTi6k5TZXjG/8hwa pjUSIGZygEsDOkvxqTmJuah4ezUEY3FXgMW1va/u644dZrwl6elN8S5bMcZCEjKURtd/ rhTrI24sSab9klZUmO1c856dcQIbWOUjsuApR0lj0DIGO4rhNi7ZSB4qc9IZ12hVVMC4 cRw0sr6G+BFUF7muLq9wtaWvHx9EnIqmQTRjn0no2hvAvLctIh8FJqz2Jz0wV73teBdT rtgQ== X-Gm-Message-State: AHYfb5iKZTQ2SGdJmmoXg3/CtfdklhL3Dii4FO/NXZ88WBrykx7LvQNh Y79r5KvPgsHmn9G8 X-Google-Smtp-Source: ADKCNb6wnuK6//7pny23FJ1dCYJhhnz6TlFcRhZsJb+D2V9ZbhoJnlaS0e4Y4IFesNykebzjTIC//w== X-Received: by 10.202.245.216 with SMTP id t207mr3112347oih.228.1504144538222; Wed, 30 Aug 2017 18:55:38 -0700 (PDT) Received: from mail-oi0-f52.google.com (mail-oi0-f52.google.com. [209.85.218.52]) by smtp.gmail.com with ESMTPSA id r129sm5863305oif.8.2017.08.30.18.55.37 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 30 Aug 2017 18:55:37 -0700 (PDT) Received: by mail-oi0-f52.google.com with SMTP id t75so65180173oie.3; Wed, 30 Aug 2017 18:55:37 -0700 (PDT) X-Received: by 10.202.172.205 with SMTP id v196mr3130881oie.49.1504144537125; Wed, 30 Aug 2017 18:55:37 -0700 (PDT) MIME-Version: 1.0 Received: by 10.74.128.197 with HTTP; Wed, 30 Aug 2017 18:55:16 -0700 (PDT) In-Reply-To: <Pine.GSO.4.64.1708302116090.22940@sea.ntplx.net> References: <44449.1497382261@kaos.jnpr.net> <CAPyFy2BEhPEsFJNj2Gfieb+DJ-O9nWR6+wpu-5Ahfia69ohfcQ@mail.gmail.com> <24256.1504130148@kaos.jnpr.net> <1504132983.56799.90.camel@freebsd.org> <Pine.GSO.4.64.1708302116090.22940@sea.ntplx.net> From: Jov <amutu@amutu.com> Date: Thu, 31 Aug 2017 09:55:16 +0800 X-Gmail-Original-Message-ID: <CADyrUxM+C-9dw8EMqSKyuoACWUFQYM5LnbBKyTDpT=pmhyGuDw@mail.gmail.com> Message-ID: <CADyrUxM+C-9dw8EMqSKyuoACWUFQYM5LnbBKyTDpT=pmhyGuDw@mail.gmail.com> Subject: Re: Import BearSSL ? (Adding verification to loader) To: Daniel Eischen <deischen@freebsd.org> Cc: Ian Lepore <ian@freebsd.org>, freebsd-arch@freebsd.org, "Simon J. Gerraty" <sjg@juniper.net> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org> List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-arch>, <mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch/>; List-Post: <mailto:freebsd-arch@freebsd.org> List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help> List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-arch>, <mailto:freebsd-arch-request@freebsd.org?subject=subscribe> X-List-Received-Date: Thu, 31 Aug 2017 01:55:39 -0000 +1 I use zfs+geli encrypted root for several VPS=EF=BC=8Cas the bootpool is no= t encrypted, I am always worried that someone may replace my kernel or kernel module.(I know 11.x support full disk encrypt without bootpool but an upgrade is not a choice now). Jov 2017-08-31 9:21 GMT+08:00 Daniel Eischen <deischen@freebsd.org>: > On Wed, 30 Aug 2017, Ian Lepore wrote: > > On Wed, 2017-08-30 at 14:55 -0700, Simon J. Gerraty wrote: >> >>> Hi, >>> >>> Background: >>> >>> I've been adding what amounts to a mini "verified exec" to the freebsd >>> loader for use in Junos. >>> >>> What this means is that the loader verifies the kernel and all the >>> modules before loading them, and can reject anything for which a >>> registered fingerprint (eg. sha1 hash) does not match. >>> >> [ ... ] > >> >> We need this exact feature (verification of kernel and modules) for an >> upcoming product at work. Including the library code in contrib >> certainly sounds attractive to me, too. >> >> I wouldn't be surprised if interest in this goes beyond those of us >> building embedded appliances. >> > > Indeed, why couldn't it be enabled by default for FreeBSD.org > packaged distribs? Or am I jumping the gun by a few years? > > -- > DE > > _______________________________________________ > freebsd-arch@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-arch > To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.64.1708302116090.22940>