| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1432828355.3499.41.camel@infradead.org> Date: Thu, 28 May 2015 16:52:35 +0100 From: David Woodhouse <dwmw2@...radead.org> To: David Howells <dhowells@...hat.com> Cc: mcgrof@...il.com, mjg59@...f.ucam.org, keyrings@...ux-nfs.org, gregkh@...uxfoundation.org, kyle@...nel.org, linux-wireless@...r.kernel.org, linux-kernel@...r.kernel.org, seth.forshee@...onical.com, linux-security-module@...r.kernel.org, zohar@...ux.vnet.ibm.com Subject: Re: [PATCH 00/20] MODSIGN: Use PKCS#7 for module signatures [ver #5] On Thu, 2015-05-28 at 16:46 +0100, David Howells wrote: > > Additionally, the last four patches are provisionally added to support firmware > signing, but will need further modification (ie. registration of OIDs) before > they can be committed, but are included for comment: I'd quite like to see a way for a given driver to specify the key with which its firmware needs to be signed. Perhaps an extra argument to the request_firmware() call giving the X509v3 Subject Key Identifier of the cert to be trusted? -- David Woodhouse Open Source Technology Centre David.Woodhouse@...el.com Intel Corporation -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists