Sign OOT kernel modules
Francis Giraldeau
francis.giraldeau at gmail.com
Mon Aug 12 13:42:44 UTC 2013
Hi,
I'm developing out-of-tree tracing modules that adds tracepoints. Ubuntu
ships with CONFIG_MODULE_SIG=y since 3.8, and it prevent unsigned
modules to register additional tracepoints (see
tracepoint_module_coming() in kernel/tracepoint.c). When rebuilding the
kernel locally, tracepoints are registered correctly because signing
keys are generated and modules are signed when installed.
How to load (if ever possible) an additional key to the existing default
Canonical key? I saw keyctl, but I don't have a clue about what
arguments to provide.
I bet I will not be alone to face issue with module signing ;-)
Thanks for the help!
Francis Giraldeau
More information about the kernel-team
mailing list