Skip to content
Commit fda784e5 authored by Bruno E. O. Meneguele's avatar Bruno E. O. Meneguele Committed by Mimi Zohar
Browse files

module: export module signature enforcement status 



A static variable sig_enforce is used as status var to indicate the real
value of CONFIG_MODULE_SIG_FORCE, once this one is set the var will hold
true, but if the CONFIG is not set the status var will hold whatever
value is present in the module.sig_enforce kernel cmdline param: true
when =1 and false when =0 or not present.

Considering this cmdline param take place over the CONFIG value when
it's not set, other places in the kernel could misbehave since they
would have only the CONFIG_MODULE_SIG_FORCE value to rely on. Exporting
this status var allows the kernel to rely in the effective value of
module signature enforcement, being it from CONFIG value or cmdline
param.

Signed-off-by: default avatarBruno E. O. Meneguele <brdeoliv@redhat.com>
Signed-off-by: default avatarMimi Zohar <zohar@linux.vnet.ibm.com>
parent ebe7c0a7
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment