Re: Should we automatically generate a module signing key at all?

From: David Howells
Date: Tue May 19 2015 - 14:51:05 EST


Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:

> No, in the hash tree variant, it really is 32 bytes. No one ever
> needs the full list once the build is done.

Yes, you do. You have to check the hash on the hash list or you can't trust
it.

David
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/