[PATCH 03/27] Enforce module signatures if the kernel is locked down
mjg59 at google.com
Fri Mar 8 23:30:48 UTC 2019
On Fri, Mar 8, 2019 at 3:00 PM James Morris <jmorris at namei.org> wrote:
> On Wed, 6 Mar 2019, Matthew Garrett wrote:
> > From: David Howells <dhowells at redhat.com>
> > If the kernel is locked down, require that all modules have valid
> > signatures that we can verify.
> Perhaps note that this won't cover the case where folk are using DM-Verity
> with a signed root hash for verifying kernel modules.
Mm. I can't see a terribly good way of doing this generically -
loadpin gives no indication to the module loading code that it comes
from a trusted source. Would making the lockdown/module signature
enforcement a separate config option be reasonable?
More information about the Linux-security-module-archive