CONFIG_MODULE_SIG and the unreproducible Linux Kernel
kpcyrd
kpcyrd at archlinux.org
Sat Sep 14 15:30:19 UTC 2024
Dear list,
there has been a recent public discussion on the Arch Linux gitlab about
the challenges and possible opportunities for making the Linux kernel
package reproducible that I want to share:
https://gitlab.archlinux.org/archlinux/packaging/packages/linux/-/merge_requests/1
This is related to `#Build time autogenerated kernel key0` and the
/sys/kernel/security/lockdown feature (that is currently blocking a
reproducible Arch Linux kernel).
My personal favorite implementation of that feature would be a hashset
of allowed module hashes that is generated during the kernel build and
then embedded in the kernel image. This approach is authority-less[1],
can be implemented in a reproducible way, doesn't require access to any
secrets for building and makes it easy to reason about the set of
modules the computer will/won't load. As far as I know it's currently
not possible to configure the Linux build like this, so consider this a
feature request.
cheers,
kpcyrd
[1]: besides the authority that decides on the source code inputs, build
instructions and build environment of course
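
The hash-allowlist idea described in the message above, sketched as an added example (not code from kpcyrd, Arch Linux or the kernel; the function names, blob layout and module contents are assumptions made for illustration). It shows why the output is reproducible: the blob depends only on module contents, not on keys, names or build order.

```python
import hashlib

DIGEST_LEN = 32  # bytes in a SHA-256 digest


def build_allowlist(modules):
    """Build step: hash every module, emit a sorted, de-duplicated blob.

    `modules` maps a module name to its bytes. Names and iteration order
    never reach the output, so no secret and no ordering influences it.
    """
    digests = sorted({hashlib.sha256(data).digest() for data in modules.values()})
    return b"".join(digests)


def is_allowed(allowlist, module_bytes):
    """Load step: binary-search the embedded blob for the module's digest."""
    if len(allowlist) % DIGEST_LEN:
        raise ValueError("corrupt allowlist: length is not a multiple of 32")
    want = hashlib.sha256(module_bytes).digest()
    lo, hi = 0, len(allowlist) // DIGEST_LEN
    while lo < hi:
        mid = (lo + hi) // 2
        got = allowlist[mid * DIGEST_LEN:(mid + 1) * DIGEST_LEN]
        if got == want:
            return True
        if got < want:
            lo = mid + 1
        else:
            hi = mid
    return False


# Constructed sample input: stand-ins for built .ko files, in two
# different enumeration orders as two independent builders might see them.
BUILD_A = {"ext4.ko": b"\x7fELF ext4 body", "xfs.ko": b"\x7fELF xfs body",
           "vfat.ko": b"\x7fELF vfat body"}
BUILD_B = dict(reversed(list(BUILD_A.items())))

if __name__ == "__main__":
    blob = build_allowlist(BUILD_A)
    print("identical across builds:", blob == build_allowlist(BUILD_B))
    print("shipped module allowed: ", is_allowed(blob, BUILD_A["xfs.ko"]))
    print("modified module allowed:", is_allowed(blob, BUILD_A["xfs.ko"] + b"\x00"))
```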