Language Selection

English French German Italian Portuguese Spanish

Kernel Log - Coming in 3.7 (Part 3): Infrastructure

Filed under
Linux

Linux 3.7 can sign kernel modules and verify those signatures and, therefore, the integrity of the modules before loading them (1, 2, 3, 4, 5, 6, 7). Some enterprise distributions have had similar features for a while – for example, to ensure that the modules used for troubleshooting are really from the distribution kernel. Developers have been working on integrating the functionality into Linux as some distributions want to load only signed kernel modules when booted with UEFI secure boot – this is now possible with the integrated code.

Another new feature is the integrity appraisal extension for the Integrity Measurement Architecture (IMA), which the kernel has supported for quite some time now (1, 2). IMA can store signed hashes for files and use them to recognise when binaries from the Linux installation have been changed.

rest here




More in Tux Machines

Red Hat News

Kernel Space/Linux

today's howtos

Ten Years as Desktop Linux User: My Open Source World, Then and Now

I've been a regular desktop Linux user for just about a decade now. What has changed in that time? Keep reading for a look back at all the ways that desktop Linux has become easier to use -- and those in which it has become more difficult -- over the past ten years. I installed Linux to my laptop for the first time in the summer of 2006. I started with SUSE, then moved onto Mandriva and finally settled on Fedora Core. By early 2007 I was using Fedora full time. There was no more Windows partition on my laptop. When I ran into problems or incompatibilities with Linux, my options were to sink or swim. There was no Windows to revert back to. Read more