Re: RFC: sign the modules at install time
[Posted November 20, 2012 by jake]
| From: |
| Rusty Russell <rusty-AT-rustcorp.com.au> |
| To: |
| Linus Torvalds <torvalds-AT-linux-foundation.org>,
Josh Boyer <jwboyer-AT-redhat.com> |
| Subject: |
| Re: RFC: sign the modules at install time |
| Date: |
| Fri, 19 Oct 2012 10:50:30 +1030 |
| Message-ID: |
| <87txtrpb1t.fsf@rustcorp.com.au> |
| Cc: |
| David Howells <dhowells-AT-redhat.com>,
David Miller <davem-AT-davemloft.net>,
Linux Kernel Mailing List <linux-kernel-AT-vger.kernel.org>,
pjones-AT-redhat.com |
| Archive‑link: | |
Article |
Linus Torvalds <torvalds@linux-foundation.org> writes:
> So signing is the nice flexible option, and technically the right
> thing to do.
Meh.... It's 52k of extra text to get that 'nice flexible'; 1% of my
kernel image. That's a lot of bug free code.
> (Side note: I hope people realize that the random key is generated
> with a 100-year lifespan. So if you build a kernel today, you do
> potentially have a "year-2112 problem". I'm not horribly worried, but
> I *am* a bit worried about 32-bit time_t overflow and I hope 32-bit
> openssl doesn't do anything odd)
Yep, David's original patch had that problem; he fixed the kernel's x509
handling to use struct tm, not time_t, and now it Just Works.
Cheers,
Rusty.
