| 1 |
Carlos Silva wrote: |
| 2 |
> > > If one wants to create a key himself, it's also possible to use this |
| 3 |
> > > key, he just has to name it signing_key.priv and siging_key.x509 and |
| 4 |
> > > put it under /usr/src/linux. |
| 5 |
> > |
| 6 |
> > Do you know if this is a sane default? |
| 7 |
> > |
| 8 |
> > Where do most users of signed modules store keys so far? |
| 9 |
> |
| 10 |
> It's where the kernel build system picks them. |
| 11 |
|
| 12 |
Are you sure? I find that hard to believe? Even if I tell an external |
| 13 |
module to build against a source tree in ~/linux/ the Makefiles will |
| 14 |
go to look for the keys in /usr/src/linux/ ? |
| 15 |
|
| 16 |
|
| 17 |
> They only have to be there to build the kernel, nothing else. |
| 18 |
|
| 19 |
I'm not talking about end users, by users I mean those who use the |
| 20 |
key files to build kernels and modules. |
| 21 |
|
| 22 |
|
| 23 |
//Peter |
Archives