libkmod: Return module signature information in kmod_module_get_info()
If the module is built with CONFIG_MODULE_SIG, add the the signer's
name, hexadecimal key id and hash algorithm to the list returned in
kmod_module_get_info(). The modinfo output then looks like this:
filename: /home/mmarek/kmod/testsuite/rootfs-pristine/test-modinfo/ext4-x86_64-sha256.ko
license: GPL
description: Fourth Extended Filesystem
author: Remy Card, Stephen Tweedie, Andrew Morton, Andreas Dilger, Theodore Ts'o and others
alias: ext3
alias: ext2
depends: mbcache,jbd2
intree: Y
vermagic: 3.7.0 SMP mod_unload
signer: Magrathea: Glacier signing key
sig_key: E3:C8:FC:A7:3F:B3:1D:DE:84:81:EF:38:E3:4C:DE:4B:0C:FD:1B:F9
sig_hashalgo: sha256
The signature algorithm (RSA) and key identifier type (X509) are not
displayed, because they are constant information for every signed
module. But it would be trivial to add this. Note: No attempt is made at
verifying the signature, I don't think that modinfo is the right tool
for this.
diff --git a/libkmod/libkmod-private.h b/libkmod/libkmod-private.h
index 4760733..b472c62 100644
--- a/libkmod/libkmod-private.h
+++ b/libkmod/libkmod-private.h
@@ -168,5 +168,14 @@
*/
int kmod_elf_get_section(const struct kmod_elf *elf, const char *section, const void **buf, uint64_t *buf_size) _must_check_ __attribute__((nonnull(1,2,3,4)));
+/* libkmod-signature.c */
+struct kmod_signature_info {
+ const char *signer;
+ size_t signer_len;
+ const char *key_id;
+ size_t key_id_len;
+ const char *algo, *hash_algo, *id_type;
+};
+bool kmod_module_signature_info(const struct kmod_file *file, struct kmod_signature_info *sig_info) _must_check_ __attribute__((nonnull(1, 2)));
/* util functions */
#include "libkmod-util.h"