On 9/15/2024 9:11 AM, Linus Torvalds wrote:
On Fri, 13 Sept 2024 at 10:30, Roberto Sassu

[...]

The objections I had were against the whole "start doing policy in
kernel", with what sounded like actually parsing and unpacking rpm
contents and verifying them with a pgp key. *That* still sounds like a
disaster to me, and is the part that made me go "why isn't that done
in user space together with then generating the fsverifty
information"?

In my opinion, trusting root in this situation is not ideal. Trusting root means trusting all applications that root can run, that they will verify PGP signatures of fsverity digests with Linux distribution keys. In order to trust them, we would need to check the integrity of all those applications, in particular file read and IPC with the rest of the system.

A safer way to achieve the same goal is to let the kernel verify PGP signatures, assuming that the kernel is more privileged and cannot be tampered by root (for example, by using the 'lockdown' LSM). Since the PGP keys of the Linux distribution would be embedded in the kernel image (or certified by the embedded ones), trusting the system would require only to verify the kernel image itself (for example, with the boot loader).

Kernel-based policy enforcement is currently adopted by other LSMs, such as SELinux. SELinux also parses and enforces a policy sent from user space in the kernel. This does not mean that the policy itself is in the kernel, but that the kernel is the only component in the position of enforcing the policy without trusting all applications that root can run.

Roberto

The argument that the kernel is the only part of the system you trust
is bogus. The kernel does nothing on its own (apart from device
enumeration etc of course), so if you have no trustworthy user space,
then you might as well just give up entirely. At a *minimum* you have
initrd, and that can then be the start of a chain of user space trust.

Parsing rpm files in the kernel really sounds horrendous. But that
doesn't mean that I hate *this* series that just adds pgp key handling
in case there are other valid uses for it.

But maybe I misunderstood the original suggestion from Roberto.

               Linus


Reply via email to