| |||||||||||||
KS2012: Module signingKS2012: Module signingPosted Sep 7, 2012 8:32 UTC (Fri) by justincormack (subscriber, #70439)In reply to: KS2012: Module signing by alonz Parent article: KS2012: Module signing
You can add the keys at kernel build time I guess. Will not help if you want to add a new module vendor. Presumably a signed module could also add new keys, allowing a chain of trust though.
(Log in to post comments)
KS2012: Module signing Posted Sep 8, 2012 12:35 UTC (Sat) by hmh (subscriber, #3838) [Link]
I sure hope you can constrain keys to modules. One should be able to tell the kernel that the nVidia key can only sign the nVidia module, and to refuse anything else it signed...
I am using nVidia only as an example.
KS2012: Module signing Posted Sep 11, 2012 13:21 UTC (Tue) by njwhite (subscriber, #51848) [Link]
> One should be able to tell the kernel that the nVidia key can only sign the nVidia module, and to refuse anything else it signed...
Couldn't a compromised / hostile nVidia just creat a module that was called nvidia.ko, but did *bad thing*? Presumably one can't specify the allowed interfaces a module may use in advance.
Or am I misunderstanding you?
KS2012: Module signing Posted Sep 14, 2012 23:19 UTC (Fri) by dashesy (subscriber, #74652) [Link]
nVidia already signs its kernels for other OS, so what is the harm in asking them also sign the Linux version.
|
|||||||||||||