On Wed, Jun 3, 2020 at 12:18 AM John M. Harris Jr <joh...@splentity.com> wrote: > > On Tuesday, June 2, 2020 10:52:07 PM MST Chris Murphy wrote: > > On Tue, Jun 2, 2020 at 8:42 PM John M. Harris Jr <joh...@splentity.com> > > > > If kernel lockdown is what disables this, we should look at fixing kernel > > > lockdown so that it doesn't break hibernation. This is definitely a > > > security decision that we shouldn't be imposing on the masses > > > needlessly, in my opinion. > > > > > > Instead you propose imposing a loophole for attackers to easily deploy > > malware needlessly. Do you really not see how this is an untenable > > position for Fedora? > > In my opinion, the threat model you're proposing here is absurd. If people can > create a valid kernel image that will be loaded from a LUKS container, we have > bigger problems.
Disk encryption isn't enabled by default. The no encryption case obviously has to be considered. And if it's enabled, the more likely attack vector is sabotage to induce a crash or corrupt user data, rather than malware injection. Since you don't know the nature of the attack, and neither do I, neither one of us knows when the corruption manifests or how. I also don't know all of the threat models the upstream developers are accounting for. Did you read all of the referenced lkml emails? Do you understand why there's a preference for AES-GCM, why they want to secure the encryption key in the TPM, and why they want to use TPM localities? And why they wanted it all simplified as well? Which, I think is sortof funny actually because none of it is very simple. If you understand those concerns and still have questions, you might consider directing your concerns upstream. -- Chris Murphy _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
