On Sun, 2019-05-12 at 11:17 +0200, Dominik Brodowski wrote:

On Thu, May 09, 2019 at 01:24:17PM +0200, Roberto Sassu wrote:

quoted

This proposal consists in marshaling pathnames and xattrs in a file called
.xattr-list. They are unmarshaled by the CPIO parser after all files have
been extracted.

Couldn't this parsing of the .xattr-list file and the setting of the xattrs
be done equivalently by the initramfs' /init? Why is kernel involvement
actually required here?

It's too late.  The /init itself should be signed and verified.

Mimi