#!/bin/bash export release=`uname -r` echo -n 'Enter base filename of key:' read key echo -n 'Enter password for key:' stty -echo read password stty echo for module in `find /lib/modules/$release/ -name \*.ko` ; do echo Processing "$module" sh ./mod-extract.sh "$module" "$module".out >/dev/null # sign the sections echo "$password" | gpg --passphrase-fd 0 --no-greeting --no-default-keyring --secret-keyring "./$key.sec" --keyring "./$key.pub" -b "$module.out" # add the encrypted data to the module objcopy --add-section module_sig="$module.out.sig" "$module" "$module.signed" >/dev/null objcopy --set-section-flags module_sig=alloc "$module.signed" >/dev/null if [ -s "$module.signed" ] ; then rm "$module" 2>/dev/null mv "$module.signed" "$module" else echo "Signing failed for module $module" fi; rm -f "$module.out"* echo "$module done" done; /sbin/depmod -a