User: Password:
Subscribe / Log in / New account

Loading signed kernel modules

Loading signed kernel modules

Posted Dec 8, 2011 7:39 UTC (Thu) by josh (subscriber, #17465)
In reply to: Loading signed kernel modules by idupree
Parent article: Loading signed kernel modules

That approach would work equally well, insofar as root can replace the set of hashes as easily as the set of public keys. It doesn't work well if the vendor wants to supply out-of-tree modules since the kernel won't have the hashes of those modules, compared to just signing those modules with the appropriate vendor key. But for the most part it would work fine, and remove a pile of more complex crypto code from the kernel.

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds