Re: [GIT PULL] Load keys from signed PE binaries

From: Peter Jones
Date: Thu Feb 21 2013 - 13:34:57 EST

Next message: Nathan Zimmer: "Re: mmotm 2013-02-19-17-20 uploaded"
Previous message: John Stultz: "Re: Origen board hang with functionfs"
In reply to: Linus Torvalds: "Re: [GIT PULL] Load keys from signed PE binaries"
Next in thread: Linus Torvalds: "Re: [GIT PULL] Load keys from signed PE binaries"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Feb 21, 2013 at 10:25:47AM -0800, Linus Torvalds wrote:
> - why do you bother with the MS keysigning of Linux kernel modules to
> begin with?

This is not actually what the patchset implements. All it's done here
is using PE files as envelopes for keys. The usage this enables is to
allow for whoever makes a module (binary only or merely out of tree for
whatever reason) to sign it and vouch for it themselves. That could
include, for example, a systemtap module.

--
Peter
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Nathan Zimmer: "Re: mmotm 2013-02-19-17-20 uploaded"
Previous message: John Stultz: "Re: Origen board hang with functionfs"
In reply to: Linus Torvalds: "Re: [GIT PULL] Load keys from signed PE binaries"
Next in thread: Linus Torvalds: "Re: [GIT PULL] Load keys from signed PE binaries"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]