Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Rusty Russell <rusty <at> rustcorp.com.au>
Subject: Re: [PATCH 00/29] Crypto keys and module signing [ver #4]
Newsgroups: gmane.linux.kernel.lsm
Date: Saturday 19th May 2012 00:53:05 UTC (over 5 years ago)
On Fri, 11 May 2012 00:39:01 +0100, David Howells 
wrote:
> 
> Hi Rusty,
> 
> Here's my latest take on my module signing patch set.  I've retained my
> strip-proof[*] signature-in-module concept, but I've shrunk the module
> verification code by nearly half.  Its .text segment now stands at just
over 2K
> in size for an x86_64 kernel.

Hi David!

        I get it.  Some management bigwig at RH has told you to get this
patch in, right?  And you told them it'd had been Nacked, that the
maintainer had said it was never going in, and of course, that it was a
stupid idea and to give up on the idea of stripping modules after
signing, and just append a magic marker and the signature.

        But they just wouldn't listen, would they?  So you had to waste
your time polishing this turd, until you annoy me enough to get the kind
of flaming rejection which is visible from space and chars the eyeballs
of your manager so they understand.

        Well, here it is.  I even put it in caps for you!

NAK.  THIS PATCH WILL NEVER, EVER GO IN.  I AM NOT PUTTING CRAP IN THE
KERNEL BECAUSE RH CAN'T FIGURE OUT HOW TO PRODUCE STRIPPED VERSIONS OF
MODULES DURING BUILD.  DON'T BE TOO PROUD OF THIS TECHNOLOGICAL TERROR
YOU'VE CONSTRUCTED.

I look forward to you updated patch series!
Rusty.
--
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of a message to majord[email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
 
CD: 5ms