Re: Fw: signed kernel modules?

From: Gene Heskett (gene.heskett_at_verizon.net)
Date: 10/15/04

  • Next message: Gene Heskett: "Re: Fw: signed kernel modules?" 
    To: linux-kernel@vger.kernel.org, root@chaos.analogic.com
Date:	Fri, 15 Oct 2004 11:51:04 -0400

    On Friday 15 October 2004 08:10, Richard B. Johnson wrote:
    >On Fri, 15 Oct 2004, Roman Zippel wrote:
    >> Hi,
    >>
    >> On Thu, 14 Oct 2004, David Howells wrote:
    >>> I've uploaded an updated module signing patch with Rusty's
    >>> suggested additions:
    >>
    >> Can someone please put this patch into some context, where it's
    >> not completely pointless? As is it does not make anything more
    >> secure. Why is the kernel more trustable than a kernel module?
    >> If someone could show me how I can trust the running kernel, it
    >> should be rather easy to extend the same measures to modules
    >> without the need for this patch.
    >>
    >> bye, Roman
    >> -

    If you please, allow me to second the below gentlemans point of view.
    Its an extremely valid objection in this persons aged opinion. A road
    down which we should not even glance, let alone travel. Do I hear a
    full chorus of voices here? I certainly hope so. This patch is best
    dropped in the shredder.

    >This is just the first step, which I think must be quashed
    >immediately. The ultimate goal is to control what you put
    >into your computer. Eventually, some central licensing
    >authority will certify any modules that are allowed to
    >be run in your computer. Doesn't anybody else see this?
    >
    >Freedom isn't lost in one big step when the storm-troopers
    >show up at your door. It is lost in little pieces, each
    >so small that they tend to be ignored.
    >
    >We need to stop this nonsense now. Certainly persons who
    >lived, or still live, under highly regulated governmental
    >control, know that we must prevent some select group of
    >self-appointed authorities from controlling what we put
    >into our computers. In particular, when the five to
    >ten-thousand who contributed to the kernel, thought that
    >they were performing a service for the common good, not
    >to be taken from them and hidden behind some license.
    >
    >I developed one of the first SCSI controllers for Linux,
    >back when Linus was in Helsinki. I did this because I
    >bought a new SCSI disk and controller. It worked under
    >DOS, but not Linux. Nobody, in those days, thought
    >anything about modules and licenses, etc. We just wanted
    >to make Linux better. Then, when I was working on some
    >other drivers, I needed to be able to change code without
    >having to re-boot. I made the first primitive 'module' to
    >do this. The old driver was not actually removed nor
    >even overwritten. I just made a program to perform
    >fix-ups in user-mode, and a built-in driver to allocate
    >memory, load the fixed-up code, and change pointers
    >to point to new code. This allowed me to write drivers
    >and install them without having to re-boot. Eventually,
    >the system would run out of memory and I'd have to
    >reboot, but in the meantime, I could continue
    >development. This was all the precursor of the more
    >modern 'modules' by Laarhoven and Tombs.
    >
    >Now, I've watched through the years where every bit
    >of code that the original contributors wrote, was
    >overwritten. It was not necessarily better, only
    >different. Even the names of contributors have been
    >removed. The name-removers still haven't removed the
    >last vestige of my contributions although they probably
    >will now, but I'll make it difficult to find them...
    >
    >Script started on Fri 15 Oct 2004 07:51:34 AM EDT
    ># for x in `find . -name "*.c"` ; do grep rjohnson@ $x ; done
    > rjohnson@analogic.com : Changed init order so an interrupt will
    > only rjohnson@analogic.com : Fix up PIO interface for efficient
    > operation. # exit
    >Script done on Fri 15 Oct 2004 07:52:45 AM EDT
    >
    >Then, a certain Richard Stallman, tried to claim Linux as
    >his own as "GNU/Linux". Guess what? Most everybody fell into
    >that trap.
    >
    >Why would anybody remove contributor names from even
    >`man` pages? Look at the new `man insmod`. Yes, the
    >original is in `insmod.old`. How long will that last?
    >
    >Each of these little pieces of freedom are being chipped
    >away, bit-by-bit.
    >
    >Wake up everybody. Get the POLICY out of the kernel.
    >
    >Cheers,
    >*** Johnson
    >Penguin : Linux version 2.6.8 on an i686 machine (5537.79 Gimps).
    > Note 96.31% of all statistics are fiction.
    > 

    -- 
Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
99.27% setiathome rank, not too shabby for a WV hillbilly
Yahoo.com attorneys please note, additions to this message
by Gene Heskett are:
Copyright 2004 by Maurice Eugene Heskett, all rights reserved.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
  • Next message: Gene Heskett: "Re: Fw: signed kernel modules?"