are you trying to provide a filter for boot cmdline flags or what?
Replying to @tehjh
Yes, there's some stuff we want to be able to block that could otherwise be overridden by early command line parsing
Replying to @mjg59
but if someone can mess with the command line, can't they majorly screw up the entire boot process anyway?
-
I mean yeah they can DoS it, but…
Replying to @mjg59
does that mean you're fine with someone being able to set stuff like "root=" but not some other things?
Replying to @tehjh
Basically, yeah. If you have a built-in initramfs then that gives you the opportunity to have the kernel generate trust in everything afterwards, as long as it's not possible to pass kernel parameters that give you the opportunity to modify the kernel image
Replying to @mjg59
but essentially this would mean that you can't set kernel config flags anymore, right? even if the user manually sets them in the grub commandline on boot?
Replying to @tehjh
No, that's the point - you can pass anything you want, lockdown filters out anything that's bad
Replying to @mjg59
so it's default-allow? where do you draw the line? disabling ucode loading? disabling kaslr? (actually, I guess that one might run too early even with that new commit.) kpti? I guess memmap= is out? iommu= is probably out?
(I have a machine whose kernel becomes less secure if you *remove* the memtest=2 from its commandline, because there are one or two physical pages with buggy bits, and if the kernel doesn't throw away those pages on boot, you have fun random bitflips)