https://github.com/mjg59/linux/commit/1fa28d39024cebb051319c5a15f8f6f2777b8d72 … - when the thing with the comment "This should be called early in the kernel init sequence" can't be called sufficiently early
it sounds to me like part of the problem is that the cmdline contains multiple things mixed together and you don't know which part is from where? whether it's from the distro or a config file on the system (which I guess you don't want to trust) or a hint about where the disk is
would it be possible to let the user store a custom cmdline as long as they edit it from a context that runs before any untrusted userspace and let the TPM verify that (using the PCRs)?
then the kernel cmdline as delivered from the bootloader to the kernel could consist of a distro-signed base cmdline, a TPM-attested user config, and a very narrow set of whitelisted hints for locating the disk that update-grub is allowed to generate automatically