summaryrefslogtreecommitdiffstats
path: root/Add-secure_modules-call.patch
diff options
context:
space:
mode:
authorJustin M. Forbes <jforbes@redhat.com>2016-12-14 12:50:48 -0600
committerJustin M. Forbes <jforbes@redhat.com>2016-12-14 12:50:48 -0600
commit962ea4f047b3b4b4360446be4289c4e4deb29551 (patch)
tree0a13142b9219114c8902cac2b45fe9c7abc96897 /Add-secure_modules-call.patch
parentb31b0fb7f4d47143f49fdbc50e7c0da678c0540b (diff)
downloadkernel-962ea4f047b3b4b4360446be4289c4e4deb29551.tar.gz
kernel-962ea4f047b3b4b4360446be4289c4e4deb29551.tar.xz
kernel-962ea4f047b3b4b4360446be4289c4e4deb29551.zip
Linux v4.9-7150-gcdb98c2
Diffstat (limited to 'Add-secure_modules-call.patch')
-rw-r--r--Add-secure_modules-call.patch63
1 files changed, 0 insertions, 63 deletions
diff --git a/Add-secure_modules-call.patch b/Add-secure_modules-call.patch
deleted file mode 100644
index 99d04c43e..000000000
--- a/Add-secure_modules-call.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From 80d2d273b36b33d46820ab128c7a5b068389f643 Mon Sep 17 00:00:00 2001
-From: Matthew Garrett <matthew.garrett@nebula.com>
-Date: Fri, 9 Aug 2013 17:58:15 -0400
-Subject: [PATCH 01/20] Add secure_modules() call
-
-Provide a single call to allow kernel code to determine whether the system
-has been configured to either disable module loading entirely or to load
-only modules signed with a trusted key.
-
-Bugzilla: N/A
-Upstream-status: Fedora mustard. Replaced by securelevels, but that was nak'd
-
-Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
----
- include/linux/module.h | 6 ++++++
- kernel/module.c | 10 ++++++++++
- 2 files changed, 16 insertions(+)
-
-diff --git a/include/linux/module.h b/include/linux/module.h
-index 0c3207d26ac0..05bd6c989a0c 100644
---- a/include/linux/module.h
-+++ b/include/linux/module.h
-@@ -641,6 +641,8 @@ static inline bool is_livepatch_module(struct module *mod)
- }
- #endif /* CONFIG_LIVEPATCH */
-
-+extern bool secure_modules(void);
-+
- #else /* !CONFIG_MODULES... */
-
- static inline struct module *__module_address(unsigned long addr)
-@@ -750,6 +752,10 @@ static inline bool module_requested_async_probing(struct module *module)
- return false;
- }
-
-+static inline bool secure_modules(void)
-+{
-+ return false;
-+}
- #endif /* CONFIG_MODULES */
-
- #ifdef CONFIG_SYSFS
-diff --git a/kernel/module.c b/kernel/module.c
-index f57dd63186e6..cb864505d020 100644
---- a/kernel/module.c
-+++ b/kernel/module.c
-@@ -4284,3 +4284,13 @@ void module_layout(struct module *mod,
- }
- EXPORT_SYMBOL(module_layout);
- #endif
-+
-+bool secure_modules(void)
-+{
-+#ifdef CONFIG_MODULE_SIG
-+ return (sig_enforce || modules_disabled);
-+#else
-+ return modules_disabled;
-+#endif
-+}
-+EXPORT_SYMBOL(secure_modules);
---
-2.9.3
-