subject:"\[PATCH v2 5\/5\] livepatch\: Verify livepatch signatures"

Re: [PATCH v2 5/5] livepatch: Verify livepatch signatures

2025-05-18 Thread Jan Beulich

On 15.05.2025 11:38, Ross Lagerwall wrote: > @@ -79,6 +80,9 @@ static DEFINE_PER_CPU(struct tasklet, livepatch_tasklet); > static struct rsa_public_key builtin_payload_key; > #endif > > +static int check_signature(const struct livepatch_elf *elf, void *raw, > + size_t

[PATCH v2 5/5] livepatch: Verify livepatch signatures

2025-05-15 Thread Ross Lagerwall

From: Jennifer Herbert Verify livepatch signatures against the embedded public key in Xen. Failing to verify does not prevent the livepatch from being loaded. In future, this will be changed for certain cases (e.g. when Secure Boot is enabled). Signed-off-by: Jennifer Herbert Signed-off-by: Ros