[Ksummit-discuss] [CORE TOPIC] Trusted kernel patchset

[Matthew Garrett]

(Posting as core rather than tech because I suspect this is more 
political than technical at this point)

Most major distributions ship these. There is strong demand from Google, 
who want to use them in a use-case that has nothing to do with UEFI 
Secure Boot. Making a distinction between root and kernel security is a 
necessary part of securing a boot chain[1].

Yet, after apparently gaining at least a rough consensus at LPC last 
year, we're now at the point where there's yet another suggestion for 
how to rewrite them but absolutely nobody showing any signs of being 
willing to do that work or any agreement from anyone in the security 
community that entirely reworking capabilities is either practical or 
desirable.

It'd be nice to have this done before August, but given that all 
previous attempts to actually get it unblocked on mailing lists have 
failed maybe we should talk about it in person. Again.

[1] See: the large number of people running modified kernels on their 
Android devices by using the signed vendor kernel to kexec them. Great 
for freedom, bad for the guarantees you were attempting to provide 
regarding trusted code

-- 
Matthew Garrett | mjg59 at srcf.ucam.org