[kernel/f18] secure boot modsign depends on CONFIG_MODULE_SIG not CONFIG_MODULES
Josh Boyer
jwboyer at fedoraproject.org
Sat Oct 6 12:53:41 UTC 2012
commit cc41f66d974d94adfd0150abfa9321a74089831d
Author: Josh Boyer <jwboyer at redhat.com>
Date: Sat Oct 6 08:53:08 2012 -0400
secure boot modsign depends on CONFIG_MODULE_SIG not CONFIG_MODULES
kernel.spec | 5 ++++-
secure-boot-20120924.patch | 4 ++--
2 files changed, 6 insertions(+), 3 deletions(-)
---
diff --git a/kernel.spec b/kernel.spec
index 443b6e9..d9949f7 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -62,7 +62,7 @@ Summary: The Linux kernel
# For non-released -rc kernels, this will be appended after the rcX and
# gitX tags, so a 3 here would become part of release "0.rcX.gitX.3"
#
-%global baserelease 4
+%global baserelease 5
%global fedora_build %{baserelease}
# base_sublevel is the kernel version we're starting with and patching
@@ -2327,6 +2327,9 @@ fi
# ||----w |
# || ||
%changelog
+* Sat Oct 06 2012 Josh Boyer <jwboyer at redhat.com>
+- secure boot modsign depends on CONFIG_MODULE_SIG not CONFIG_MODULES
+
* Fri Oct 05 2012 Josh Boyer <jwboyer at redhat.com>
- Adjust secure boot modsign patch
diff --git a/secure-boot-20120924.patch b/secure-boot-20120924.patch
index 8fb4d13..a9c63de 100644
--- a/secure-boot-20120924.patch
+++ b/secure-boot-20120924.patch
@@ -710,7 +710,7 @@ index 7e6e83f..2b0b980 100644
0, SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
}
-+#ifdef CONFIG_MODULES
++#ifdef CONFIG_MODULE_SIG
+extern bool sig_enforce;
+#endif
+
@@ -719,7 +719,7 @@ index 7e6e83f..2b0b980 100644
pr_info("Secure boot enabled\n");
cap_lower((&init_cred)->cap_bset, CAP_COMPROMISE_KERNEL);
cap_lower((&init_cred)->cap_permitted, CAP_COMPROMISE_KERNEL);
-+#ifdef CONFIG_MODULES
++#ifdef CONFIG_MODULE_SIG
+ /* Enable module signature enforcing */
+ sig_enforce = true;
+#endif
More information about the scm-commits
mailing list