CONFIG_MODULE_SIG and the unreproducible Linux Kernel

Bernhard M. Wiedemann bernhardout at lsmod.de
Mon Sep 16 16:52:24 UTC 2024


In openSUSE, we currently use a constant pubkey. The corresponding 
private key is hopefully safely stored in some HSM. This allows us to 
build out-of-tree modules (kmps) as separate packages.
But indeed it comes at the risk that some malicious kmp could get signed 
via the OpenBuildService and you might not even know about it.

We have up to 35 kmps (some are already dropped):
https://github.com/openSUSE/slowroll-tools/blob/devel/in/kmps


Since we are on the topic of the Linux kernel,
I'll add two recent issues:
https://bugzilla.opensuse.org/show_bug.cgi?id=1230414 BTF race-condition

And 
https://lore.kernel.org/linux-doc/33018311-0bdf-4258-b0c0-428a548c710d@suse.de/T/#t 
=
https://github.com/sphinx-doc/sphinx/issues/6714 kernel htmldocs 
race-condition


Ciao
Bernhard M.
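Added example, not code from the mail or from openSUSE's tooling: a parser for the signature trailer that CONFIG_MODULE_SIG appends to a .ko (struct module_signature followed by the magic string), with the same header sanity checks the kernel's mod_check_sig() applies. It lets a defender inventory which modules carry a PKCS#7 signature and strip the signature so the module payload can be compared bit-for-bit across builds. The module and signature bytes are constructed stand-ins, not a real module or a real PKCS#7 blob.

```python
import struct

# Trailer layout of a signed .ko: [module data][signature][module_signature][magic]
MODULE_SIG_MAGIC = b"~Module signature appended~\n"
# struct module_signature (include/linux/module_signature.h), 12 bytes:
# algo, hash, id_type, signer_len, key_id_len, 3 pad bytes, __be32 sig_len
SIG_HDR = struct.Struct(">BBBBB3xI")
PKEY_ID_PKCS7 = 2  # only id_type the kernel accepts for module signatures


def parse_module_signature(ko: bytes):
    """Return a dict describing the trailer, or None if the module is unsigned.

    Raises ValueError for a malformed trailer, mirroring mod_check_sig()."""
    if not ko.endswith(MODULE_SIG_MAGIC):
        return None
    body = ko[: -len(MODULE_SIG_MAGIC)]
    if len(body) < SIG_HDR.size:
        raise ValueError("truncated module_signature header")
    algo, hash_, id_type, signer_len, key_id_len, sig_len = SIG_HDR.unpack(
        body[-SIG_HDR.size:]
    )
    payload = body[: -SIG_HDR.size]
    if sig_len > len(payload):
        raise ValueError("sig_len exceeds module size")
    if id_type != PKEY_ID_PKCS7:
        raise ValueError(f"unsupported id_type {id_type}")
    # For PKCS#7 the kernel insists these fields are zero.
    if algo or hash_ or signer_len or key_id_len:
        raise ValueError("non-zero algo/hash/signer_len/key_id_len")
    return {
        "id_type": id_type,
        "sig_len": sig_len,
        "signature": payload[len(payload) - sig_len:],  # the PKCS#7 DER blob
        "module_data": payload[: len(payload) - sig_len],  # what was hashed
    }


def strip_signature(ko: bytes) -> bytes:
    """Return the unsigned module bytes (unchanged if no trailer is present)."""
    info = parse_module_signature(ko)
    return ko if info is None else info["module_data"]


# Constructed sample: a fake ELF-like payload and a fake 24-byte signature.
SAMPLE_MODULE = b"\x7fELF" + b"\x00" * 28
SAMPLE_SIG = b"\x30\x82\x01\x00" + b"\xaa" * 20
SAMPLE_KO = (SAMPLE_MODULE + SAMPLE_SIG
             + SIG_HDR.pack(0, 0, PKEY_ID_PKCS7, 0, 0, len(SAMPLE_SIG))
             + MODULE_SIG_MAGIC)
```

Run strip_signature() over two builds of the same kmp to tell a genuine reproducibility difference from one introduced by the signing step alone.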