]> git.proxmox.com Git - mirror_ubuntu-hirsute-kernel.git/blame - include/linux/module_signature.h
MODSIGN: Export module signature definitions
[mirror_ubuntu-hirsute-kernel.git] / include / linux / module_signature.h
CommitLineData
c8424e77
TJB
1/* SPDX-License-Identifier: GPL-2.0+ */
2/*
3 * Module signature handling.
4 *
5 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
6 * Written by David Howells (dhowells@redhat.com)
7 */
8
9#ifndef _LINUX_MODULE_SIGNATURE_H
10#define _LINUX_MODULE_SIGNATURE_H
11
12/* In stripped ARM and x86-64 modules, ~ is surprisingly rare. */
13#define MODULE_SIG_STRING "~Module signature appended~\n"
14
15enum pkey_id_type {
16 PKEY_ID_PGP, /* OpenPGP generated key ID */
17 PKEY_ID_X509, /* X.509 arbitrary subjectKeyIdentifier */
18 PKEY_ID_PKCS7, /* Signature in PKCS#7 message */
19};
20
21/*
22 * Module signature information block.
23 *
24 * The constituents of the signature section are, in order:
25 *
26 * - Signer's name
27 * - Key identifier
28 * - Signature data
29 * - Information block
30 */
31struct module_signature {
32 u8 algo; /* Public-key crypto algorithm [0] */
33 u8 hash; /* Digest algorithm [0] */
34 u8 id_type; /* Key identifier type [PKEY_ID_PKCS7] */
35 u8 signer_len; /* Length of signer's name [0] */
36 u8 key_id_len; /* Length of key identifier [0] */
37 u8 __pad[3];
38 __be32 sig_len; /* Length of signature data */
39};
40
41int mod_check_sig(const struct module_signature *ms, size_t file_len,
42 const char *name);
43
44#endif /* _LINUX_MODULE_SIGNATURE_H */