The parameter is module.sig_enforce, not enforcemodulesig. The latter appears to be from before this functionality was merged into mainline.
Signed-off-by: Michael Marineau <michael.marin...@coreos.com> --- Documentation/module-signing.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Documentation/module-signing.txt b/Documentation/module-signing.txt index 09c2382..6e5262e 100644 --- a/Documentation/module-signing.txt +++ b/Documentation/module-signing.txt @@ -222,7 +222,7 @@ signature checking is all done within the kernel. NON-VALID SIGNATURES AND UNSIGNED MODULES ========================================= -If CONFIG_MODULE_SIG_FORCE is enabled or enforcemodulesig=1 is supplied on +If CONFIG_MODULE_SIG_FORCE is enabled or module.sig_enforce=1 is supplied on the kernel command line, the kernel will only load validly signed modules for which it has a public key. Otherwise, it will also load modules that are unsigned. Any module for which the kernel has a key, but which proves to have -- 2.0.4 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
