Re: Fw: signed kernel modules?

[David Howells]

> I agree.  We have to be able to detect improper header information for
> unsigned modules today, nothing new there.  So by only signing the
> information that the kernel looks at, we should be fine.

Take a look at:

	http://people.redhat.com/~dhowells/modsign/modsign-bits.tar.bz2

I've extracted the module signing and module verification stuff into a
userspace test harness for easier development.

Note that this module verifier will only work on PPC64 (well, it might work on
other big-endian ELF64 archs too) without messing around in the included
header files.

The module signer should work on anything, and should be able sign any sort of
ELF, no matter whether it's the same endianness or wordsize as the host CPU.

I've added an ELF verification function in checksig/module-verify.c that does
a reasonably comprehensive check of the ELF that might cause the kernel to
crash if it loads a module.

Run "make test" to build everything, check the unsigned module, sign the
module and check the signed module.

David
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/