Lines Matching refs:that

27 signature checking is done by the kernel so that it is not necessary to have
34 hash algorithms that can be used are SHA-1, SHA-224, SHA-256, SHA-384, and
51      This specifies how the kernel should deal with a module that has a
52      signature for which the key is not known or a module that is unsigned.
55      available and modules that are unsigned are permitted, but the kernel will
59      If this is on (ie. "restrictive"), only modules that have a valid
60      signature that can be verified by a public key in the kernel's possession
63      Irrespective of the setting here, if the module has a signature block that
88      than being a module) so that modules signed with that algorithm can have
100 kernel so that it can be used to check the signatures as the modules are
116 It is strongly recommended that you provide your own x509.genkey file.
146 The kernel contains a ring of public keys that can be viewed by root.  They're
147 in a keyring called ".system_keyring" that can be seen by:
171 Note, however, that the kernel will only permit keys to be added to
173 that is already resident in the .system_keyring at the time the key was added.
194 doesn't, you should make sure that hash algorithm is either built into the
203 "~Module signature appended~." at the end of the module's file confirms that a
204 signature is present but it does not confirm that the signature is valid!
227 for which it has a public key.   Otherwise, it will also load modules that are
231 Any module that has an unparseable signature will be rejected.