> >> 1) The user built the module from source on that machine, OR
> >> 2) The module source is freely available without restriction
> > I just realized two things. One, there's a strong argument that this
> > should be an AND, not an OR.
> And as all distributions would fail (1) in initial form, all
> distributions would result in tainted kernels. Is this the
> intent?
They wouldn't taint because the kernel signature would match the module
signatures. I provided more detail on one possible way this scheme would
work and it's not quite as simple as the summary above suggests.
Basically, when you compile (or install) the kernel, a random 'signature'
goes in. When you compile a module, the signature goes in too. You can then
compare the module's signature to the kernel's signature to ensure they were
compiled as a unit. Unfortunately, this doesn't ensure that the user has the
source.
I suppose, if the module source were freely available, then '2' would
apply. If you keep it as an OR, then distributions wouldn't taint out of the
box unless they included modules whose source distribution was limited. I
think this is what you want.
DS
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/