Searched hist:d72ea491 (Results 1 – 1 of 1) sorted by relevance
/openbmc/linux/arch/powerpc/kernel/ |
H A D | ima_arch.c | d72ea491 Wed Oct 30 22:31:34 CDT 2019 Mimi Zohar <zohar@linux.ibm.com> powerpc/ima: Indicate kernel modules appended signatures are enforced
The arch specific kernel module policy rule requires kernel modules to be signed, either as an IMA signature, stored as an xattr, or as an appended signature. As a result, kernel modules appended signatures could be enforced without "sig_enforce" being set or reflected in /sys/module/module/parameters/sig_enforce. This patch sets "sig_enforce".
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/1572492694-6520-10-git-send-email-zohar@linux.ibm.com d72ea491 Wed Oct 30 22:31:34 CDT 2019 Mimi Zohar <zohar@linux.ibm.com> powerpc/ima: Indicate kernel modules appended signatures are enforced The arch specific kernel module policy rule requires kernel modules to be signed, either as an IMA signature, stored as an xattr, or as an appended signature. As a result, kernel modules appended signatures could be enforced without "sig_enforce" being set or reflected in /sys/module/module/parameters/sig_enforce. This patch sets "sig_enforce". Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/1572492694-6520-10-git-send-email-zohar@linux.ibm.com
|