tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kernel module loading vs securelevel

On Sun, 17 Oct 2010 20:11:06 -0400, Thor Lancelot Simon 
> On Sun, Oct 17, 2010 at 04:04:59PM -0400, Matthew Mondor wrote:
>> On Sat, 16 Oct 2010 13:58:19 -0400
>> Thor Lancelot Simon <> wrote:
>> >    2) Finish the asymmetric operation support in cryptodev and
>> >       actually require modules to be signed.  This is basically a
>> >       superset of #1 above that could get about as complicated as
>> >       one wanted it to (ugh) but might be worthwhile if kept simple.
>> You seem to now agree with me that this could be a solution.  It
>> indeed requires more work, but it also has advantages: not having to
> Let me know when you've got the code ready for review.

*lurker mode off*
IIRC, part of agc work with netpgp is to integrate signature verification
within kernel.
*lurker mode on*

Jean-Yves Migeon

Home | Main Index | Thread Index | Old Index