Re: Restrict memory region to some modules

> The main idea is to grant the access to these known addresses with one
> kind of authentication, key or signature. Obviously the authentication
> request is focused on kernel modules only.
> I'm not so expert in kernel module programming so I don't know if it's
> possible [and how] to do it via kernel module. 

Hi,

this is currently not possible unfortunately; all kernel modules run
with the same, and full, privileges as the rest of the entire kernel;
they are for all intents and purposes as much part of the one whole
kernel as the "vmlinux" non-modular content.

Some microkernels use the different ring levels of the processor to
create such separation, but Linux doesn't use this, for very pragmatic
reasons. (of which there have been many debates)

So it comes down to "if you run in kernel mode, you own the entire
machine". It even comes down to "if you are root you can run in kernel
mode, so you own the entire machine".

Greetings,
   Arjan van de Ven


--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive:       http://mail.nl.linux.org/kernelnewbies/
FAQ:           http://kernelnewbies.org/faq/

