Documentation/module-signing.txt file is referring to /proc/keys file in order to view all keys contained in the kernel's keyring. That file is not universally avialble when CONFIG_KEYS is enabled, which is confusing. The fact that the option needed for this procfs interface to exist contains "_DEBUG_" in its name makes it even more confusing. Document this fact. Signed-off-by: Jiri Kosina <jkosina@xxxxxxx> --- Documentation/module-signing.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Documentation/module-signing.txt b/Documentation/module-signing.txt index 09c2382..09be78d 100644 --- a/Documentation/module-signing.txt +++ b/Documentation/module-signing.txt @@ -152,6 +152,9 @@ in a keyring called ".system_keyring" that can be seen by: 302d2d52 I------ 1 perm 1f010000 0 0 asymmetri Fedora kernel signing key: d69a84e6bce3d216b979e9505b3e3ef9a7118079: X509.RSA a7118079 [] ... +CONFIG_KEYS_DEBUG_PROC_KEYS needs to be enabled for the above procfs interface +to be available. + Beyond the public key generated specifically for module signing, any file placed in the kernel source root directory or the kernel build root directory whose name is suffixed with ".x509" will be assumed to be an X.509 public key -- Jiri Kosina SUSE Labs -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
