[PATCH] modsign: overwrite keys with zero before deleting them

From: Alexander Holler
Date: Fri Jan 23 2015 - 16:57:48 EST

Next message: Priit Laes: "Re: [PATCH] ARM: dts: sun4i: Add initial dts for Gemei G9 tablet"
Previous message: Steven Rostedt: "Re: [PATCH 0/2] tracing: Some clean ups that will help tracefs"
In reply to: Alexander Holler: "Re: [PATCH] modsign: provide option to automatically delete the key after modules were installed"
Next in thread: Richard Weinberger: "Re: [PATCH] modsign: overwrite keys with zero before deleting them"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is for the more paranoid people, also it's
questionable what paranoid nowadays means.

Signed-off-by: Alexander Holler <holler@xxxxxxxxxxxxx>
---
Makefile | 2 ++
1 file changed, 2 insertions(+)

diff --git a/Makefile b/Makefile
index 7ad66de..590ff53 100644
--- a/Makefile
+++ b/Makefile
@@ -1132,7 +1132,9 @@ ifeq ($(CONFIG_MODULE_SIG_THROW_AWAY), y)
@echo "###"
@echo "### Deleting key used to sign modules."
@echo "###"
+ @dd status=none if=/dev/zero of=./signing_key.priv bs=4096 count=1
@rm ./signing_key.priv
+ @dd status=none if=/dev/zero of=./signing_key.x509 bs=4096 count=1
@rm ./signing_key.x509
endif

--
2.0.5

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Priit Laes: "Re: [PATCH] ARM: dts: sun4i: Add initial dts for Gemei G9 tablet"
Previous message: Steven Rostedt: "Re: [PATCH 0/2] tracing: Some clean ups that will help tracefs"
In reply to: Alexander Holler: "Re: [PATCH] modsign: provide option to automatically delete the key after modules were installed"
Next in thread: Richard Weinberger: "Re: [PATCH] modsign: overwrite keys with zero before deleting them"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]