On Wed, Sep 12, 2012 at 12:34 AM, Rusty Russell <ru...@rustcorp.com.au> wrote: > "H. Peter Anvin" <h...@zytor.com> writes: > >> On 09/06/2012 11:13 AM, Kees Cook wrote: >>> Instead of (or in addition to) kernel module signing, being able to reason >>> about the origin of a kernel module would be valuable in situations >>> where an OS already trusts a specific file system, file, etc, due to >>> things like security labels or an existing root of trust to a partition >>> through things like dm-verity. >>> >>> This introduces a new syscall (currently only on x86), similar to >>> init_module, that has only two arguments. The first argument is used as >>> a file descriptor to the module and the second argument is a pointer to >>> the NULL terminated string of module arguments. >>> >> >> Please use the standard naming convention, which is an f- prefix (i.e. >> finit_module()). > > Good point; I just did a replace here.
Ah, yes. Thanks! -Kees -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
