True, Ubuntu hardly have any documentation on it: https://wiki.ubuntu.com/SecurityTeam/SecureBoot
https://wiki.ubuntu.com/Security/Features All of which there was no mention of signed kernel module. http://manpages.ubuntu.com/manpages/wily/man1/keyctl.1.html http://manpages.ubuntu.com/manpages/wily/man7/session-keyring.7.html But LWN have a long histories of writeup in this area: https://lwn.net/Articles/532710/ https://lwn.net/Articles/525592/ https://lwn.net/Articles/517472/ https://lwn.net/Articles/532778/ https://lwn.net/Articles/515007/ https://lwn.net/Articles/511720/ https://lwn.net/Articles/471013/ https://lwn.net/Articles/470906/ https://lwn.net/Articles/222162/ But perhaps you can find more info from Fedora in this area: https://docs.fedoraproject.org/en-US/Fedora/22/html/System_Administrators_Guide/sect-kernel-module-authentication-requirements.html https://ask.fedoraproject.org/en/question/41471/how-can-i-cause-a-kernel-module-to-be-signed-for-fedora-20/ https://docs.fedoraproject.org/en-US/Fedora/23/html/System_Administrators_Guide/sect-kernel-module-authentication.html And here: http://events.linuxfoundation.org/sites/events/files/slides/Integrity_Protection_LinuxCon_Europe_2013_0.pdf On Friday, March 18, 2016 at 1:29:34 PM UTC+8, PParth wrote: > > This is interesting but I can't seem to find any references on what 16.04 > will do with this functionality? > > According to Gentoo site > <https://wiki.gentoo.org/wiki/Signed_kernel_module_support>, this > functionality has been in the kernel since 3.7. > > On Wednesday, 2 March 2016 02:42:14 UTC+11, Peter Teoh wrote: >> >> https://www.kernel.org/doc/Documentation/module-signing.txt >> >> -- You received this message because you are subscribed to the Google Groups "linuxkernelnewbies" group. To unsubscribe from this group and stop receiving emails from it, send an email to linuxkernelnewbies+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
