User: Password:
|
|
Subscribe / Log in / New account

Loading signed kernel modules

Loading signed kernel modules

Posted Dec 8, 2011 6:51 UTC (Thu) by idupree (guest, #71169)
Parent article: Loading signed kernel modules

What if one just wanted to embed into a kernel binary a fixed list of modules that could be loaded? Hypothetically, one could build a kernel with some modules, embed all those modules' SHA-256 hashes in the kernel, and use no public-key cryptography. Has anyone contemplated this as a use-case? (I can see pros and cons of my naive thought, but I'm sure a kernel/crypto expert can see better!)


(Log in to post comments)

Loading signed kernel modules

Posted Dec 8, 2011 7:39 UTC (Thu) by josh (subscriber, #17465) [Link]

That approach would work equally well, insofar as root can replace the set of hashes as easily as the set of public keys. It doesn't work well if the vendor wants to supply out-of-tree modules since the kernel won't have the hashes of those modules, compared to just signing those modules with the appropriate vendor key. But for the most part it would work fine, and remove a pile of more complex crypto code from the kernel.

Loading signed kernel modules

Posted Dec 8, 2011 13:52 UTC (Thu) by epa (subscriber, #39769) [Link]

Or else the modules could be built into the kernel image, perhaps as a static read-only ramdisk. Then the kernel will only load modules from this ramdisk and nowhere else. Then there is no need for hash functions either.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds