diff options
author | Justin M. Forbes <jforbes@redhat.com> | 2016-12-14 12:50:48 -0600 |
---|---|---|
committer | Justin M. Forbes <jforbes@redhat.com> | 2016-12-14 12:50:48 -0600 |
commit | 962ea4f047b3b4b4360446be4289c4e4deb29551 (patch) | |
tree | 0a13142b9219114c8902cac2b45fe9c7abc96897 /Add-secure_modules-call.patch | |
parent | b31b0fb7f4d47143f49fdbc50e7c0da678c0540b (diff) | |
download | kernel-962ea4f047b3b4b4360446be4289c4e4deb29551.tar.gz kernel-962ea4f047b3b4b4360446be4289c4e4deb29551.tar.xz kernel-962ea4f047b3b4b4360446be4289c4e4deb29551.zip |
Linux v4.9-7150-gcdb98c2
Diffstat (limited to 'Add-secure_modules-call.patch')
-rw-r--r-- | Add-secure_modules-call.patch | 63 |
1 files changed, 0 insertions, 63 deletions
diff --git a/Add-secure_modules-call.patch b/Add-secure_modules-call.patch deleted file mode 100644 index 99d04c43e..000000000 --- a/Add-secure_modules-call.patch +++ /dev/null @@ -1,63 +0,0 @@ -From 80d2d273b36b33d46820ab128c7a5b068389f643 Mon Sep 17 00:00:00 2001 -From: Matthew Garrett <matthew.garrett@nebula.com> -Date: Fri, 9 Aug 2013 17:58:15 -0400 -Subject: [PATCH 01/20] Add secure_modules() call - -Provide a single call to allow kernel code to determine whether the system -has been configured to either disable module loading entirely or to load -only modules signed with a trusted key. - -Bugzilla: N/A -Upstream-status: Fedora mustard. Replaced by securelevels, but that was nak'd - -Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com> ---- - include/linux/module.h | 6 ++++++ - kernel/module.c | 10 ++++++++++ - 2 files changed, 16 insertions(+) - -diff --git a/include/linux/module.h b/include/linux/module.h -index 0c3207d26ac0..05bd6c989a0c 100644 ---- a/include/linux/module.h -+++ b/include/linux/module.h -@@ -641,6 +641,8 @@ static inline bool is_livepatch_module(struct module *mod) - } - #endif /* CONFIG_LIVEPATCH */ - -+extern bool secure_modules(void); -+ - #else /* !CONFIG_MODULES... */ - - static inline struct module *__module_address(unsigned long addr) -@@ -750,6 +752,10 @@ static inline bool module_requested_async_probing(struct module *module) - return false; - } - -+static inline bool secure_modules(void) -+{ -+ return false; -+} - #endif /* CONFIG_MODULES */ - - #ifdef CONFIG_SYSFS -diff --git a/kernel/module.c b/kernel/module.c -index f57dd63186e6..cb864505d020 100644 ---- a/kernel/module.c -+++ b/kernel/module.c -@@ -4284,3 +4284,13 @@ void module_layout(struct module *mod, - } - EXPORT_SYMBOL(module_layout); - #endif -+ -+bool secure_modules(void) -+{ -+#ifdef CONFIG_MODULE_SIG -+ return (sig_enforce || modules_disabled); -+#else -+ return modules_disabled; -+#endif -+} -+EXPORT_SYMBOL(secure_modules); --- -2.9.3 - |