Lines Matching refs:kernel

10  - Public keys in the kernel.
22 The kernel module signing facility cryptographically signs modules during
24 allows increased kernel security by disallowing the loading of unsigned modules
26 making it harder to load a malicious module into the kernel.  The module
27 signature checking is done by the kernel so that it is not necessary to have
43 Support" section of the kernel configuration and turning on
51      This specifies how the kernel should deal with a module that has a
55      available and modules that are unsigned are permitted, but the kernel will
60      signature that can be verified by a public key in the kernel's possession
87      The algorithm selected here will also be built into the kernel (rather
100 kernel so that it can be used to check the signatures as the modules are
103 Under normal conditions, the kernel build will automatically generate a new
123 	CN = Build time autogenerated kernel key
134 kernel sources tree and the openssl command.  The following is an example to
146 The kernel contains a ring of public keys that can be viewed by root.  They're
152 …302d2d52 I------     1 perm 1f010000     0     0 asymmetri Fedora kernel signing key: d69a84e6bce3…
156 placed in the kernel source root directory or the kernel build root directory
171 Note, however, that the kernel will only permit keys to be added to
181 the Linux kernel source tree.  The script requires 4 arguments:
186 	4.  The kernel module to be signed
188 The following is an example to sign a kernel module:
190 	scripts/sign-file sha512 kernel-signkey.priv \
191 		kernel-signkey.x509 module.ko
195 kernel or can be loaded without requiring itself.
218 signature checking is all done within the kernel.
226 the kernel command line, the kernel will only load validly signed modules
228 unsigned.   Any module for which the kernel has a key, but which proves to have
241 in the root node of the kernel source tree.