Would it be possible to get CONFIG_INTEL_TXT enabled in the Fedora kernel x86 and x86_64 configs going forward?
Thanks.
On Thu, 2009-10-22 at 11:33 -0400, Stephen Smalley wrote:
Would it be possible to get CONFIG_INTEL_TXT enabled in the Fedora kernel x86 and x86_64 configs going forward?
After some discussion with a couple of people on the Fedora kernel team on IRC they decided that we should not enable CONFIG_INTEL_TXT until it is useful for something other than a closed source binary blob which Fedora is unable to distribute. We have messaged that Fedora was unable to include the binary blob from Intel and it has been suggested that they create an open module rather than forcing Linux users to trust some part of their system security to an unknown binary blob. Hopefully you can add your weight to that discussion and help intel see the need for an open source blob.
-Eric
On Thu, 2009-10-22 at 13:24 -0400, Eric Paris wrote:
On Thu, 2009-10-22 at 11:33 -0400, Stephen Smalley wrote:
Would it be possible to get CONFIG_INTEL_TXT enabled in the Fedora kernel x86 and x86_64 configs going forward?
After some discussion with a couple of people on the Fedora kernel team on IRC they decided that we should not enable CONFIG_INTEL_TXT until it is useful for something other than a closed source binary blob which Fedora is unable to distribute. We have messaged that Fedora was unable to include the binary blob from Intel and it has been suggested that they create an open module rather than forcing Linux users to trust some part of their system security to an unknown binary blob. Hopefully you can add your weight to that discussion and help intel see the need for an open source blob.
Don't forget to mention the more paranoid hand-waving about removing RAM chips at runtime with liquid nitrogen after going into suspend and hax0ring. I think there will be more upstream discussion anyway.
Jon.
On Thu, 22 Oct 2009 18:39:53 +0100 Jon Masters jcm@redhat.com wrote:
Don't forget to mention the more paranoid hand-waving about removing RAM chips at runtime with liquid nitrogen after going into suspend and hax0ring. I think there will be more upstream discussion anyway.
I'm sorry but this argument makes no sense whatsoever.
Claiming that a feature should not be enabled because someone is talking about a mythical attack that is waaay outside the scope of what a technology wants to protect is not solid reasoning, it's fear mongering instead.
On Fri, 2009-10-23 at 08:20 -0700, Arjan van de Ven wrote:
On Thu, 22 Oct 2009 18:39:53 +0100 Jon Masters jcm@redhat.com wrote:
Don't forget to mention the more paranoid hand-waving about removing RAM chips at runtime with liquid nitrogen after going into suspend and hax0ring. I think there will be more upstream discussion anyway.
I'm sorry but this argument makes no sense whatsoever.
Smiley face missed off there - I wasn't being serious about the attacking of TXT. At the end of the day, if you've got physical access to a system, there are worse things you can do.
Jon.
2009/10/23 Arjan van de Ven arjan@infradead.org:
On Thu, 22 Oct 2009 18:39:53 +0100 Jon Masters jcm@redhat.com wrote:
Don't forget to mention the more paranoid hand-waving about removing RAM chips at runtime with liquid nitrogen after going into suspend and hax0ring. I think there will be more upstream discussion anyway.
I'm sorry but this argument makes no sense whatsoever.
Claiming that a feature should not be enabled because someone is talking about a mythical attack that is waaay outside the scope of what a technology wants to protect is not solid reasoning, it's fear mongering instead.
All the same, it was disappointing news to me to read that Intel are even pushing stuff that leverages binary blobs with no source code. There would be nothing to fear and no need for fear mongering if it was an open blob. It would make the whole argument moot.
On Fri, 2009-10-23 at 18:34 +0100, Christopher Brown wrote:
2009/10/23 Arjan van de Ven arjan@infradead.org:
On Thu, 22 Oct 2009 18:39:53 +0100 Jon Masters jcm@redhat.com wrote:
Don't forget to mention the more paranoid hand-waving about removing RAM chips at runtime with liquid nitrogen after going into suspend and hax0ring. I think there will be more upstream discussion anyway.
I'm sorry but this argument makes no sense whatsoever.
Claiming that a feature should not be enabled because someone is talking about a mythical attack that is waaay outside the scope of what a technology wants to protect is not solid reasoning, it's fear mongering instead.
All the same, it was disappointing news to me to read that Intel are even pushing stuff that leverages binary blobs with no source code. There would be nothing to fear and no need for fear mongering if it was an open blob. It would make the whole argument moot.
No, Arjan is right. Jon is talking about wildly unrelated system attack vectors which are in no way related to TXT or to the binary blob. Jon was out of line seemingly trying to scare people away from this technology for wholly illogical reasons. It's like we're talking about putting a lock on the window and Jon's talking about cutting through the walls. It's just not useful. Open or closed blob is irrelevant and does not influence the situation to his fear mongering line of attack.
Please, however, continue to be disappointed that Intel is pushing a closed source blob. That is a productive train of thought :)
-Eric
On Fri, 2009-10-23 at 13:51 -0400, Eric Paris wrote:
No, Arjan is right. Jon is talking about wildly unrelated system attack vectors which are in no way related to TXT or to the binary blob.
I made a joke about paranoid ranting on LKML and missed off a smiley face...sorry! :) :) :) There are bigger things to worry about than someone taking the RAM chips out of my system while it's suspended.
Jon.
kernel@lists.fedoraproject.org
-
Arjan van de Ven -
Christopher Brown -
Eric Paris -
Jon Masters -
Stephen Smalley