[Fedora 09/19] binfmt_elf: Elf executable signature verification
Eric Paris
eparis at redhat.com
Thu Sep 5 15:06:10 UTC 2013
On Wed, 2013-09-04 at 21:37 -0400, Josh Boyer wrote:
> > +config BINFMT_ELF_SIG
> > + bool "ELF binary signature verification"
> > + depends on BINFMT_ELF
> > + select INTEGRITY
> > + select INTEGRITY_SIGNATURE
> > + select INTEGRITY_ASYMMETRIC_KEYS
> > + select IMA
> > + select IMA_APPRAISE
> > + select SYSTEM_TRUSTED_KEYRING
> > + default n
> > + ---help---
> > + Check ELF binary signature verfication.
>
> Please don't do this. Yes, it's technically viable to select all the
> things you need, but this turns on entire subsystems we don't have
> enabled. In months when the maintainers have long forgotten about
> this, we have to go figure out what turned on INTEGRITY and IMA
> because they aren't explicitly set in the config-* fragments. It's
> really frustrating.
And it's just plain wrong. CONFIG_IMA requires CONFIG_TCG_TPM. But
select is not recursive. So can end up with a config where IMA is on,
but TPM is off...
More information about the kernel
mailing list