On Wed, Feb 14, 2007 at 07:09:38PM +0000, David Howells wrote:
>...
> There are several reasons why these patches are useful, amongst which are:
>...
> (4) to allow other support providers to do likewise, or at least to _detect_
> the fact that unsupported modules are loaded;
>
> (5) to allow the detection of modules replaced by a second-order distro or a
> preloaded Linux purveyor.
>...
Who might have rebuilt the whole kernel using a new signature.
Or a bug reporter might have edited out the parts containing the
information that unsupported code was loaded.
Or the unsupported module itself might have removed all traces of having
been loaded from the kernel.
For printing nvidia(U), you could simply add some marker similar to
MODULE_LICENSE() that gets added to supported modules during "official"
builds and gets checked when loading a module.
That's 10k LOC less and the same level of security...
> David
cu
Adrian
--
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed
-
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
