Re: Fw: signed kernel modules?
From: David Woodhouse
Date: Wed Oct 13 2004 - 03:26:23 EST
On Wed, 2004-10-13 at 10:20 +1000, Rusty Russell (IBM) wrote:
> On Wed, 2004-10-13 at 05:08, Greg KH wrote:
> > On Tue, Oct 12, 2004 at 09:35:59AM +0100, David Woodhouse wrote:
> > >
> > > We know _precisely_ what the kernel looks at -- we wrote its linker. It
> > > really isn't that hard.
> >
> > I agree. We have to be able to detect improper header information for
> > unsigned modules today, nothing new there.
>
> No, we *don't*. We check that it's the right arch, and ELF, and not
> truncated. Then we trust the contents.
"We have to" != "We actually do". He's right. You're right. We _have_ to
do this already, but we suck and actually we don't. David's working on
that, I believe.
--
dwmw2
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/