summaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2019-05-09 12:54:40 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2019-05-09 12:54:40 -0700
commit7664cd6e3a0b2709f04c07435e96c7c85e7d7324 (patch)
treed270574b311da6e449ad6dcea0bfc16e13d5aa78 /kernel
parent882388056194d2d4c3f589b194b6bdcc47e677e8 (diff)
parent2bfebea90dd5e8c57ae1021a5d1bb6c1057eee6d (diff)
downloadlinux-7664cd6e3a0b2709f04c07435e96c7c85e7d7324.tar.bz2
Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull intgrity updates from James Morris: "This contains just three patches, the remainder were either included in other pull requests (eg. audit, lockdown) or will be upstreamed via other subsystems (eg. kselftests, Power). Included here is one bug fix, one documentation update, and extending the x86 IMA arch policy rules to coordinate the different kernel module signature verification methods" * 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: doc/kernel-parameters.txt: Deprecate ima_appraise_tcb x86/ima: add missing include x86/ima: require signed kernel modules
Diffstat (limited to 'kernel')
-rw-r--r--kernel/module.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/kernel/module.c b/kernel/module.c
index a9020bdd4cf6..a9e1e7f2c224 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -290,6 +290,11 @@ bool is_module_sig_enforced(void)
}
EXPORT_SYMBOL(is_module_sig_enforced);
+void set_module_sig_enforced(void)
+{
+ sig_enforce = true;
+}
+
/* Block module loading/unloading? */
int modules_disabled = 0;
core_param(nomodule, modules_disabled, bint, 0);