summaryrefslogtreecommitdiffstats
path: root/Documentation/leds
diff options
context:
space:
mode:
authorRusty Russell <rusty@rustcorp.com.au>2012-09-26 11:09:40 +0200
committerRusty Russell <rusty@rustcorp.com.au>2012-10-10 11:30:55 +0200
commit106a4ee258d14818467829bf0e12aeae14c16cd7 (patch)
tree4a5d002eceff4a028ebc8d88223b1ed735bee224 /Documentation/leds
parentX.509: Add a crypto key parser for binary (DER) X.509 certificates (diff)
downloadlinux-106a4ee258d14818467829bf0e12aeae14c16cd7.tar.xz
linux-106a4ee258d14818467829bf0e12aeae14c16cd7.zip
module: signature checking hook
We do a very simple search for a particular string appended to the module (which is cache-hot and about to be SHA'd anyway). There's both a config option and a boot parameter which control whether we accept or fail with unsigned modules and modules that are signed with an unknown key. If module signing is enabled, the kernel will be tainted if a module is loaded that is unsigned or has a signature for which we don't have the key. (Useful feedback and tweaks by David Howells <dhowells@redhat.com>) Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Diffstat (limited to 'Documentation/leds')
0 files changed, 0 insertions, 0 deletions