This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Adding a Cryptographic Signature to a Linux Kernel Module


Hi,

I'm working on a compilation server for Systemtap (http://sources.redhat.com/systemtap). This server analyzes and compiles Systemtap scripts and returns the resulting kernel module (.ko) to the client. We would like to have the server cryptographically sign the resulting module for security reasons (tampering) and also for certification reasons. This would allow a local sysadmin to authorize the loading of modules created by a given server on his system, provided that certain restrictions are met.

We are considering an idea proposed by Roland McGrath in which the server would use NSS libraries to create the signature of the module and then add that signature to a special section of the module using elfutils. The client would then extract (remove) the signature and use it to verify the original module against a local certificate database.

Roland suggested during a Red Hat Systemtap meeting that there is a "right way to do this" and that he had some ideas, but he also suggested starting a public discussion for additional input.

So, if you have ideas, comments, concerns about the "right way" of implementing this plan or have a better idea then, please, let's talk about it.

Dave


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]