CONFIG_MODULE_SIG and the unreproducible Linux Kernel
Bernhard M. Wiedemann
bernhardout at lsmod.de
Mon Sep 16 16:52:24 UTC 2024
In openSUSE, we currently use a constant pubkey. The corresponding
private key is hopefully safely stored in some hsm. This allows us to
build out-of-tree modules (kmps) as separate packages.
But indeed it comes at the risk that some malicious kmp could get signed
via the OpenBuildService and you might not even know about it.
We have up to 35 kmps (some are already dropped):
https://github.com/openSUSE/slowroll-tools/blob/devel/in/kmps
Since we are on the topic of the Linux kernel,
I'll add two recent issues:
https://bugzilla.opensuse.org/show_bug.cgi?id=1230414 BTF race-condition
And
https://lore.kernel.org/linux-doc/33018311-0bdf-4258-b0c0-428a548c710d@suse.de/T/#t
=
https://github.com/sphinx-doc/sphinx/issues/6714 kernel htmldocs
race-condition
Ciao
Bernhard M.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <http://lists.reproducible-builds.org/pipermail/rb-general/attachments/20240916/64f63f40/attachment.sig>
More information about the rb-general
mailing list