[PATCH 1/2] module: export sig_enforce readonly even if MODULE_SIG_FORCE is on

Eric Miao Mon, 04 Nov 2013 16:07:33 -0800

Even if MODULE_SIG_FORCE is turned on, it is still useful if module
can export sig_enforce, so user space will know if module signature
is turned on and forced.


Signed-off-by: Eric Miao <eric.m...@nvidia.com>
Cc: David Howells <dhowe...@redhat.com>
Cc: Dan Willemsen <dwillem...@nvidia.com>
---
 kernel/module.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/kernel/module.c b/kernel/module.c
index dc58274..d55646b 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -110,6 +110,14 @@ struct list_head *kdb_modules = &modules; /* kdb needs the 
list of modules */
 #ifdef CONFIG_MODULE_SIG
 #ifdef CONFIG_MODULE_SIG_FORCE
 static bool sig_enforce = true;
+
+static const struct kernel_param_ops param_ops_bool_read_only = {
+       .flags = KERNEL_PARAM_FL_NOARG,
+       .get = param_get_bool,
+};
+#define param_check_bool_read_only param_check_bool
+
+module_param(sig_enforce, bool_read_only, 0444);
 #else
 static bool sig_enforce = false;
 
-- 
1.8.4.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[PATCH 1/2] module: export sig_enforce readonly even if MODULE_SIG_FORCE is on

Reply via email to