[RFC PATCH v10 9/9] powerpc/ima: indicate kernel modules appended signatures are enforced
Michael Ellerman
patch-notifications at ellerman.id.au
Thu Nov 14 20:08:13 AEDT 2019
On Thu, 2019-10-31 at 03:31:34 UTC, Mimi Zohar wrote:
> The arch specific kernel module policy rule requires kernel modules to
> be signed, either as an IMA signature, stored as an xattr, or as an
> appended signature. As a result, kernel modules appended signatures
> could be enforced without "sig_enforce" being set or reflected in
> /sys/module/module/parameters/sig_enforce. This patch sets
> "sig_enforce".
>
> Signed-off-by: Mimi Zohar <zohar at linux.ibm.com>
> Cc: Jessica Yu <jeyu at kernel.org>
Applied to powerpc next, thanks.
https://git.kernel.org/powerpc/c/d72ea4915c7e6fa5e7b9022a34df66e375bfe46c
cheers
More information about the Linuxppc-dev
mailing list