[PATCH v4 00/17] module: Introduce hash-based integrity checking
James Bottomley
James.Bottomley at HansenPartnership.com
Tue Feb 3 08:18:09 UTC 2026
On Sun, 2026-02-01 at 17:09 +0000, David Howells wrote:
> Mihai-Drosi Câju <mcaju95 at gmail.com> wrote:
>
> > > The current signature-based module integrity checking has some
> > > drawbacks
> > in combination with reproducible builds. Either the module signing
> > key is generated at build time, which makes the build
> > unreproducible, or a static signing key is used, which precludes
> > rebuilds by third parties and makes the whole build and packaging
> > process much more complicated.
>
> There is another issue too: If you have a static private key that you
> use to sign modules (and probably other things), someone will likely
> give you a GPL request to get it.
The SFC just lost that exact point in the Vizio trial, so I think
you're wrong on this under US law at least. There's no general ability
under GPLv2 to demand long lived signing keys.
Regards,
James
More information about the Linux-security-module-archive
mailing list