Difference between revisions of "CONFIG MODULE SIG"
(Initial Contribution) |
m (added category) |
||
Line 50: | Line 50: | ||
CONTENTS, READONLY | CONTENTS, READONLY | ||
</pre> | </pre> | ||
[[Category:Logitech Revue|CONFIG_MODULE_SIG]] |
Revision as of 18:15, 23 January 2011
Overview
The CONFIG_MODULE_SIG parameter implements cryptographic signing of all loadable kernel modules (LKM). With this option configured the kernel will use compiled in public keys to verify the authenticity of the module. As per David Howells LKML post:
There are several reasons why these patches are useful, amongst which are:
(1) to protect against accidentally-corrupted modules causing damage;
(2) to protect against maliciously modified modules causing damage;
(3) to allow a sysadmin (or more likely an IT department) to enforce a policy that only known and approved modules shall be loaded onto machines which they're expected to support;
(4) to allow other support providers to do likewise, or at least to _detect_ the fact that unsupported modules are loaded;
(5) to allow the detection of modules replaced by a second-order distro or a preloaded Linux purveyor.
NOTE: The patch attached to the referenced LKML post is not entirely consistent with the implementation on the Revue. Since Logitech has not made a GPL drop, we can not verify the specific implementation at this time.
Logitech Implementation
Analysis of modules from the Logitech Revue gives an indication of how Logitech has likely modified the standard Linux kernel patch. Using objdump to inspect the ELF sections reveals that the Revue appears to use a section called '.signature' rather than '.module_sig'.
This is seen in index 11 of the 'objdump -h' output provided below from a module used by the Revue:
sec_kernel.ko: file format elf32-i386 Sections: Idx Name Size VMA LMA File off Algn 0 .text 00002960 00000000 00000000 00000040 2**4 CONTENTS, ALLOC, LOAD, RELOC, READONLY, CODE 1 .rodata 000002bc 00000000 00000000 000029a0 2**2 CONTENTS, ALLOC, LOAD, RELOC, READONLY, DATA 2 .rodata.str1.1 00000199 00000000 00000000 00002c5c 2**0 CONTENTS, ALLOC, LOAD, READONLY, DATA 3 .rodata.str1.4 00000478 00000000 00000000 00002df8 2**2 CONTENTS, ALLOC, LOAD, READONLY, DATA 4 .modinfo 000000ba 00000000 00000000 00003280 2**5 CONTENTS, ALLOC, LOAD, READONLY, DATA 5 __versions 00000580 00000000 00000000 00003340 2**5 CONTENTS, ALLOC, LOAD, READONLY, DATA 6 .data 000000c4 00000000 00000000 000038c0 2**5 CONTENTS, ALLOC, LOAD, RELOC, DATA 7 .gnu.linkonce.this_module 00000280 00000000 00000000 00003a00 2**7 CONTENTS, ALLOC, LOAD, RELOC, DATA, LINK_ONCE_DISCARD 8 .bss 00000664 00000000 00000000 00003c80 2**5 ALLOC 9 .comment 0000006c 00000000 00000000 00003c80 2**0 CONTENTS, READONLY 10 .note.GNU-stack 00000000 00000000 00000000 00003cec 2**0 CONTENTS, READONLY 11 .signature 00000200 00000000 00000000 00003cec 2**0 CONTENTS, READONLY