Ubuntu

Only load signed kernel modules by default

Registered by Kees Cook on 2009-04-28

To help protect against kernel-module-rootkits, it would be nice to take advantage of the existing signed kernel module infrastructure in the kernel and publish the Ubuntu kernel with signed modules and a kernel that by default only loaded signed modules. This needs to play nice with DKMS, etc.

Blueprint information

Status:: Not started

Approver:: Rick Clark

Priority:: Undefined

Drafter:: Kees Cook

Direction:: Needs approval

Assignee:: None

Definition:: Discussion

Series goal:: None

Implementation:: Informational

Milestone target:: None

Related branches

Related bugs

Sprints

uds-karmic

Whiteboard

I. Goals
  A. Provide source of "trusted" modules (to protect from rootkit-style modules)
  B. Provide mechanism to sign derivative, OEM, and personal modules while blocking unexpected modules
II. Current state
  A. Status of signed kernel modules patch
  B. Kernel keyring
III. Possible implementations?

What happens to OEM drivers? Ubuntu derivatives? --amitk

(?)

Work Items

This blueprint contains Public information

Everyone can see this information.

Subscribers

Andy Whitcroft

James Troup

Jamie Strandboge

Kees Cook

Nicolas DERIVE

Tim Gardner