Lines Matching refs:that

27 signature checking is done by the kernel so that it is not necessary to have
34 hash algorithms that can be used are SHA-1, SHA-224, SHA-256, SHA-384, and
51      This specifies how the kernel should deal with a module that has a
52      signature for which the key is not known or a module that is unsigned.
55      available and modules that are unsigned are permitted, but the kernel will
59      If this is on (ie. "restrictive"), only modules that have a valid
60      signature that can be verified by a public key in the kernel's possession
63      Irrespective of the setting here, if the module has a signature block that
88      than being a module) so that modules signed with that algorithm can have
114 Note that enabling module signing adds a dependency on the OpenSSL devel
115 packages to the kernel build processes for the tool that does the signing.
126 kernel so that it can be used to check the signatures as the modules are
142 It is strongly recommended that you provide your own x509.genkey file.
176 The kernel contains a ring of public keys that can be viewed by root.  They're
177 in a keyring called ".system_keyring" that can be seen by:
200 Note, however, that the kernel will only permit keys to be added to
202 that is already resident in the .system_keyring at the time the key was added.
223 doesn't, you should make sure that hash algorithm is either built into the
235 "~Module signature appended~." at the end of the module's file confirms that a
236 signature is present but it does not confirm that the signature is valid!
259 for which it has a public key.   Otherwise, it will also load modules that are
263 Any module that has an unparseable signature will be rejected.