diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2019-05-09 12:54:40 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2019-05-09 12:54:40 -0700 |
| commit | 7664cd6e3a0b2709f04c07435e96c7c85e7d7324 (patch) | |
| tree | d270574b311da6e449ad6dcea0bfc16e13d5aa78 /kernel | |
| parent | 882388056194d2d4c3f589b194b6bdcc47e677e8 (diff) | |
| parent | 2bfebea90dd5e8c57ae1021a5d1bb6c1057eee6d (diff) | |
Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull intgrity updates from James Morris:
"This contains just three patches, the remainder were either included
in other pull requests (eg. audit, lockdown) or will be upstreamed via
other subsystems (eg. kselftests, Power).
Included here is one bug fix, one documentation update, and extending
the x86 IMA arch policy rules to coordinate the different kernel
module signature verification methods"
* 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
doc/kernel-parameters.txt: Deprecate ima_appraise_tcb
x86/ima: add missing include
x86/ima: require signed kernel modules
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/module.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/kernel/module.c b/kernel/module.c index a9020bdd4cf6..a9e1e7f2c224 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -290,6 +290,11 @@ bool is_module_sig_enforced(void) } EXPORT_SYMBOL(is_module_sig_enforced); +void set_module_sig_enforced(void) +{ + sig_enforce = true; +} + /* Block module loading/unloading? */ int modules_disabled = 0; core_param(nomodule, modules_disabled, bint, 0); |