Mirror of https://github.com/AuxXxilium/kmod.git, synced 2024-11-23 23:10:53 +07:00
628677e066
Linux uses either PKCS #7 or CMS for signing modules (see scripts/sign-file.c). CMS is not supported by LibreSSL or older OpenSSL, so PKCS #7 is used on systems with these libcrypto providers.

CMS and PKCS #7 formats are very similar. CMS is newer but is as much as possible backward compatible with PKCS #7 [1]. PKCS #7 is supported in the latest OpenSSL as well as CMS. The fields used for signing kernel modules are supported both in PKCS #7 and CMS.

For now modinfo uses CMS with no alternative requiring OpenSSL 1.1.0 or newer.

Use PKCS #7 for parsing module signature information, so that modinfo could be used both with OpenSSL and LibreSSL.

[1] https://tools.ietf.org/html/rfc5652#section-1.1

Changes v1->v2:
- Don't use ifdefs for keeping redundant CMS code, just use PKCS #7 both with OpenSSL and LibreSSL.

Signed-off-by: Stefan Strogin <steils@gentoo.org>
docs
python
.gitignore
COPYING
libkmod-config.c
libkmod-elf.c
libkmod-file.c
libkmod-index.c
libkmod-index.h
libkmod-internal.h
libkmod-list.c
libkmod-module.c
libkmod-signature.c
libkmod.c
libkmod.h
libkmod.pc.in
libkmod.sym
Makefile
README
libkmod - linux kernel module handling library

ABSTRACT
========

libkmod was created to allow programs to easily insert, remove and
list modules, also checking their properties, dependencies and aliases.

There is no shared/global context information and it can be used by
multiple sites in a single program. It can also be used from threads,
although it is not thread safe (you must lock explicitly).


OVERVIEW
========

Every user should create and manage its own library context with:

    /* NULL as the second argument selects the default config paths */
    struct kmod_ctx *ctx = kmod_new(kernel_dirname, NULL);
    kmod_unref(ctx);


Modules can be created by various means:

    struct kmod_module *mod;
    int err;

    err = kmod_module_new_from_path(ctx, path, &mod);
    if (err < 0) {
        /* code */
    } else {
        /* code */
        kmod_module_unref(mod);
    }

    err = kmod_module_new_from_name(ctx, name, &mod);
    if (err < 0) {
        /* code */
    } else {
        /* code */
        kmod_module_unref(mod);
    }


Or could be resolved from a known alias to a list of alternatives:

    struct kmod_list *list, *itr;
    int err;

    err = kmod_module_new_from_lookup(ctx, alias, &list);
    if (err < 0) {
        /* code */
    } else {
        kmod_list_foreach(itr, list) {
            struct kmod_module *mod = kmod_module_get_module(itr);
            /* code */
            /* kmod_module_get_module() takes a reference; drop it */
            kmod_module_unref(mod);
        }
        /* release the list returned by the lookup */
        kmod_module_unref_list(list);
    }
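
The commit message at the top of this page concerns parsing the PKCS #7 signature that is appended to a kernel module. As an added example (not code from kmod or the kernel), the function below locates that blob in a signed module file and bounds-checks the trailer before the data would be handed to a PKCS #7 parser. The trailer layout and magic string follow the kernel's module signing format; `find_pkcs7_blob` is a hypothetical name.

```c
#include <stdint.h>
#include <string.h>

/* Signed module file, as laid out by the kernel's scripts/sign-file:
 * [module ELF][PKCS #7 blob][struct module_signature][magic string] */
#define SIG_MAGIC "~Module signature appended~\n"
#define PKEY_ID_PKCS7 2

struct module_signature {
	uint8_t algo, hash;             /* both 0 for PKCS #7 */
	uint8_t id_type;                /* PKEY_ID_PKCS7 */
	uint8_t signer_len, key_id_len; /* both 0 for PKCS #7 */
	uint8_t pad[3];
	uint8_t sig_len[4];             /* blob length, big-endian */
};

/* Hypothetical helper, not a libkmod function: returns 0 and sets *blob to
 * the PKCS #7 data inside buf, or -1 for an unsigned or malformed file. */
int find_pkcs7_blob(const uint8_t *buf, size_t size,
		    const uint8_t **blob, size_t *blob_len)
{
	const size_t magic_len = sizeof(SIG_MAGIC) - 1;
	struct module_signature ms;
	size_t rest, sig_len;

	if (size < magic_len + sizeof(ms))
		return -1;
	rest = size - magic_len;
	if (memcmp(buf + rest, SIG_MAGIC, magic_len) != 0)
		return -1; /* no appended signature */
	rest -= sizeof(ms);
	memcpy(&ms, buf + rest, sizeof(ms));
	sig_len = ((size_t)ms.sig_len[0] << 24) | ((size_t)ms.sig_len[1] << 16) |
		  ((size_t)ms.sig_len[2] << 8) | ms.sig_len[3];
	/* sig_len is file content: bound it before using it as an offset */
	if (sig_len == 0 || sig_len > rest)
		return -1;
	if (ms.id_type != PKEY_ID_PKCS7 || ms.algo || ms.hash ||
	    ms.signer_len || ms.key_id_len)
		return -1; /* not a PKCS #7 trailer */
	*blob = buf + rest - sig_len;
	*blob_len = sig_len;
	return 0;
}
```

A return of 0 only means the trailer is well formed; the blob still has to be parsed and verified by the crypto library.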