
Garrett: Linux kernel lockdown, integrity, and confidentiality

Posted Apr 28, 2020 16:32 UTC (Tue) by AngryChris (guest, #74783)
In reply to: Garrett: Linux kernel lockdown, integrity, and confidentiality by LtWorf
Parent article: Garrett: Linux kernel lockdown, integrity, and confidentiality

Take another look at the post.

> Lockdown is intended as a mechanism to avoid that, by providing an optional policy that closes off interfaces that allow root to modify the kernel.

Optional.


to post comments

Garrett: Linux kernel lockdown, integrity, and confidentiality

Posted Apr 28, 2020 19:41 UTC (Tue) by LtWorf (subscriber, #124958) [Link] (11 responses)

> Optional.

If root can just do echo 0 > /magicpath this feature would be completely pointless, so optional only means that it won't be enabled on every kernel by default, but if it gets enabled it is there for good I guess.

Garrett: Linux kernel lockdown, integrity, and confidentiality

Posted Apr 29, 2020 0:19 UTC (Wed) by rahulsundaram (subscriber, #21946) [Link] (10 responses)

>so optional only means that it won't be enabled on every kernel by default, but if it gets enabled it is there for good I guess.

It's a config option. Why is this a concern?

Garrett: Linux kernel lockdown, integrity, and confidentiality

Posted Apr 30, 2020 9:56 UTC (Thu) by LtWorf (subscriber, #124958) [Link] (9 responses)

> It's a config option. Why is this a concern?

Because when you buy a device you don't get to recompile the kernel, and for some devices it is completely impossible to replace the kernel with one that has the configuration you want it to have.

This patch aims to make running your own kernel on your own device even more difficult, since even by being root it might not be possible to replace the kernel.

So the problem is that even if you can compile a kernel without this option, if you can't run this kernel, it is pointless to be able to disable the option.

Garrett: Linux kernel lockdown, integrity, and confidentiality

Posted Apr 30, 2020 12:59 UTC (Thu) by rahulsundaram (subscriber, #21946) [Link] (5 responses)

> Because when you buy a device you don't get to recompile the kernel, and for some devices it is completely impossible to replace the kernel with one that has the configuration you want it to have.

Sounds like some sort of restricted hardware problem rather than a kernel problem.

Garrett: Linux kernel lockdown, integrity, and confidentiality

Posted Apr 30, 2020 13:31 UTC (Thu) by pizza (subscriber, #46) [Link] (1 responses)

> Sounds like some sort of restricted hardware problem than a kernel problem

While you are technically correct, and the GPLv2 license of the kernel allows this, it's zero consolation for the end user who discovers that no, they don't actually "own" their hardware after all.

(...and that there is no "competition" in the "free market" that provides the option for non-restrictive hardware.)

Garrett: Linux kernel lockdown, integrity, and confidentiality

Posted Apr 30, 2020 15:17 UTC (Thu) by rahulsundaram (subscriber, #21946) [Link]

> While you are technically correct, and the GPLv2 license of the kernel allows this, it's zero consolation for the end user who discovers that no, they don't actually "own" their hardware after all.

That is correct. Perhaps awareness of this problem will create market demand for more open hardware. I don't see how pointing fingers at lockdown patches helps, however. It's not like manufacturers of said restricted hardware can't simply patch their kernels to enforce restrictions regardless of whether they are upstream.

Garrett: Linux kernel lockdown, integrity, and confidentiality

Posted Apr 30, 2020 22:15 UTC (Thu) by AngryChris (guest, #74783) [Link] (2 responses)

>> Because when you buy a device you don't get to recompile the kernel, and for some devices it is completely impossible to replace the kernel with one that has the configuration you want it to have.

>Sounds like some sort of restricted hardware problem than a kernel problem

You're exactly right. This mechanism simply enforces SecureBoot across the running kernel. This is the kind of thing you *want* if you want SecureBoot enabled. You can disable SecureBoot and disable this feature. The only problem is if the device doesn't let you disable SecureBoot. But that's a problem with the device, not the kernel.

People are looking for persecution where none exists.

Garrett: Linux kernel lockdown, integrity, and confidentiality

Posted Apr 30, 2020 23:26 UTC (Thu) by pizza (subscriber, #46) [Link] (1 responses)

> This is the kind of thing you *want* if you want SecureBoot enabled.

Absolutely! It's great... if you're the device owner. But if you don't have the technical ability to disable SecureBoot, you're not the device owner, which raises all sorts of problems with calling the "purchase transaction" a "sale". (Because "sale" confers rights that you are not getting!)

> But that's a problem with the device, not the kernel.
> People are looking for persecution where none exists.

The problem with absolute statements is that they are trivially disproven.

It is _illegal_ for me to break the lock on systems I supposedly own. Doing so anyway could get me quite literally persecuted. Discussing how to break those locks is also illegal, and yes, folks can and have been persecuted for that. Meanwhile, it is nearly impossible to purchase several classes of devices that are not locked down. They are not locked down for the benefit of the end-user, nor are they always locked down for the benefit of the manufacturer or seller; instead the lock-down is usually for third parties (e.g. Hollywood) that are not part of the transaction.

Garrett: Linux kernel lockdown, integrity, and confidentiality

Posted May 4, 2020 12:55 UTC (Mon) by tao (subscriber, #17563) [Link]

It being illegal to break the lock on systems you supposedly own is a *legal* problem though, not a technical problem.

Garrett: Linux kernel lockdown, integrity, and confidentiality

Posted Apr 30, 2020 13:01 UTC (Thu) by zdzichu (subscriber, #17118) [Link] (1 responses)

It's a logic error. If you can't replace the kernel, you do not "own" the device. It's not yours.

Garrett: Linux kernel lockdown, integrity, and confidentiality

Posted Apr 30, 2020 13:59 UTC (Thu) by LtWorf (subscriber, #124958) [Link]

> It's a logic error. If you can't replace the kernel, you do not "own" the device. It's not yours.

We are in agreement that buying the device was a scam. But unless you were born last week, I'm sure you are aware of the real world situation where it is basically impossible to avoid such devices, and those changes are aimed at making such scams easier to perpetrate.

Garrett: Linux kernel lockdown, integrity, and confidentiality

Posted Apr 30, 2020 13:41 UTC (Thu) by pizza (subscriber, #46) [Link]

> So the problem is that even if you can compile a kernel without this option, if you can't run this kernel, it is pointless to be able to disable the option.

One thing worth pointing out is that folks have been shipping locked-down Linux systems for the last 15 years, so Garrett's patch doesn't meaningfully change the status quo.

(FFS, it's still a steep uphill battle to get _source code_, something explicitly required by Linux's GPLv2 license...)


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds