Re: [RFC][PATCH v1 0/2] integrity: module integrity verification
From: Kasatkin, Dmitry
Date: Tue Feb 07 2012 - 16:19:00 EST
On Tue, Feb 7, 2012 at 7:13 PM, Rusty Russell <rusty@xxxxxxxxxx> wrote:
> On Mon, 6 Feb 2012 08:59:00 +0200, "Kasatkin, Dmitry" <dmitry.kasatkin@xxxxxxxxx> wrote:
>> On Mon, Feb 6, 2012 at 3:51 AM, James Morris <jmorris@xxxxxxxxx> wrote:
>> > On Wed, 1 Feb 2012, Dmitry Kasatkin wrote:
>> >> Hi,
>> >> Here is another module verification patchset, which is based on the recently
>> >> upstreamed digital signature support used by EVM and IMA-appraisal.
>> > You should cc: Rusty on any changes to the module code.
>> Mimi already has pointed that out.
>> I have sent him an email with the link..
> Using an external signature (via cmdline arguments) is simple, at
> least. ÂNot sure what the userspace side of this looks like?
There are couple of patches for modprobe and insmod...
You could see them on the top at:
It first tries to read signature from xattr, then from file...
"modprobe -v" will show 'ima=' parameter with signature.
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at Âhttp://vger.kernel.org/majordomo-info.html
> Please read the FAQ at Âhttp://www.tux.org/lkml/
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/