Hi, Ben Hutchings <b...@decadent.org.uk> writes: > 2. Upstream kernel support: when booted in Secure Boot mode, Linux would > only load signed kernel modules and disable the various debug interfaces > that allow code injection. I'm aware that David Howells, Matthew > Garrett and others are working on this.
That makes dkms modules unusable when using secure boot. I guess we would have to build binary packages for all supported kernel versions? > 5. Key management policy. Similar issues to archive signing keys, but > these keys also need to be available at build time. (a) Should they be > held by package maintainers and/or the auto-builders for the relevant > architectures? (b) sbuild and/or pbuilder will need to know how to > inject them into the build environment for the relevant packages. (c) > How do we handle key replacement when exploitable code needs to be > blacklisted? Do these need to be available when building the kernel packages or would it be possible to have the signatures in a separate package? The latter would allow moving the signing off the auto-builders and having either a human maintainer or a dedicated system do so instead (so the auto-builders would not need access to the keys). It would also allow signing modules provided in the maintainer upload. Ansgar -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87k3yfoci0....@marvin.43-1.org