summaryrefslogtreecommitdiffstats
path: root/kernel/module.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2019-05-09 21:54:40 +0200
committerLinus Torvalds <torvalds@linux-foundation.org>2019-05-09 21:54:40 +0200
commit7664cd6e3a0b2709f04c07435e96c7c85e7d7324 (patch)
treed270574b311da6e449ad6dcea0bfc16e13d5aa78 /kernel/module.c
parentMerge tag 'for-linus-5.2-ofs1' of git://git.kernel.org/pub/scm/linux/kernel/g... (diff)
parentMerge branch 'next-integrity-for-james' of git://git.kernel.org/pub/scm/linux... (diff)
downloadlinux-7664cd6e3a0b2709f04c07435e96c7c85e7d7324.tar.xz
linux-7664cd6e3a0b2709f04c07435e96c7c85e7d7324.zip
Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull intgrity updates from James Morris: "This contains just three patches, the remainder were either included in other pull requests (eg. audit, lockdown) or will be upstreamed via other subsystems (eg. kselftests, Power). Included here is one bug fix, one documentation update, and extending the x86 IMA arch policy rules to coordinate the different kernel module signature verification methods" * 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: doc/kernel-parameters.txt: Deprecate ima_appraise_tcb x86/ima: add missing include x86/ima: require signed kernel modules
Diffstat (limited to 'kernel/module.c')
-rw-r--r--kernel/module.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/kernel/module.c b/kernel/module.c
index a9020bdd4cf6..a9e1e7f2c224 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -290,6 +290,11 @@ bool is_module_sig_enforced(void)
}
EXPORT_SYMBOL(is_module_sig_enforced);
+void set_module_sig_enforced(void)
+{
+ sig_enforce = true;
+}
+
/* Block module loading/unloading? */
int modules_disabled = 0;
core_param(nomodule, modules_disabled, bint, 0);