Lines Matching refs:kernel

10  - Public keys in the kernel.
22 The kernel module signing facility cryptographically signs modules during
24 allows increased kernel security by disallowing the loading of unsigned modules
26 making it harder to load a malicious module into the kernel.  The module
27 signature checking is done by the kernel so that it is not necessary to have
43 Support" section of the kernel configuration and turning on
51      This specifies how the kernel should deal with a module that has a
55      available and modules that are unsigned are permitted, but the kernel will
60      signature that can be verified by a public key in the kernel's possession
87      The algorithm selected here will also be built into the kernel (rather
96      and allow the kernel modules to be signed with a key of your choosing.
115 packages to the kernel build processes for the tool that does the signing.
126 kernel so that it can be used to check the signatures as the modules are
130 default, the kernel build will automatically generate a new keypair using
149 	CN = Build time autogenerated kernel key
160 kernel sources tree and the openssl command.  The following is an example to
176 The kernel contains a ring of public keys that can be viewed by root.  They're
182 …302d2d52 I------     1 perm 1f010000     0     0 asymmetri Fedora kernel signing key: d69a84e6bce3…
200 Note, however, that the kernel will only permit keys to be added to
210 the Linux kernel source tree.  The script requires 4 arguments:
215 	4.  The kernel module to be signed
217 The following is an example to sign a kernel module:
219 	scripts/sign-file sha512 kernel-signkey.priv \
220 		kernel-signkey.x509 module.ko
224 kernel or can be loaded without requiring itself.
250 signature checking is all done within the kernel.
258 the kernel command line, the kernel will only load validly signed modules
260 unsigned.   Any module for which the kernel has a key, but which proves to have
273 in the root node of the kernel source tree.