1 /* module-verify.c: module verifier
3 * Written by David Howells (dhowells@redhat.com)
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License
7 * as published by the Free Software Foundation; either version
8 * 2 of the License, or (at your option) any later version.
11 #include <linux/kernel.h>
12 #include <linux/module.h>
13 #include <linux/slab.h>
14 #include "module-verify.h"
17 * verify a module's integrity
18 * - check the ELF is viable
19 * - return 1 if the module has a correct signature
20 * - return 0 if the module has no signature or one we don't have a key for
21 * - return -ve on error
23 int module_verify(const Elf_Ehdr *hdr, size_t size)
25 struct module_verify_data mvdata;
28 memset(&mvdata, 0, sizeof(mvdata));
33 ret = module_verify_elf(&mvdata);
36 printk("Module failed ELF checks\n");
40 ret = module_verify_signature(&mvdata);
43 kfree(mvdata.secsizes);
44 kfree(mvdata.canonlist);