Le 01/03/2022 à 00:43, Aaron Tomlin a écrit :
> No functional change.
>
> This patch migrates additional module signature check
> code from core module code into kernel/module/signing.c.
>
> Reviewed-by: Christophe Leroy <christophe.leroy@xxxxxxxxxx>
> Signed-off-by: Aaron Tomlin <atomlin@xxxxxxxxxx>
> ---
> kernel/module/internal.h | 9 +++++
> kernel/module/main.c | 87 ----------------------------------------
> kernel/module/signing.c | 77 +++++++++++++++++++++++++++++++++++
> 3 files changed, 86 insertions(+), 87 deletions(-)
>
> diff --git a/kernel/module/signing.c b/kernel/module/signing.c
> index 8aeb6d2ee94b..85c8999dfecf 100644
> --- a/kernel/module/signing.c
> +++ b/kernel/module/signing.c
> @@ -11,9 +11,29 @@
> #include <linux/module_signature.h>
> #include <linux/string.h>
> #include <linux/verification.h>
> +#include <linux/security.h>
> #include <crypto/public_key.h>
> +#include <uapi/linux/module.h>
> #include "internal.h"
>
> +static bool sig_enforce = IS_ENABLED(CONFIG_MODULE_SIG_FORCE);
> +module_param(sig_enforce, bool_enable_only, 0644);
> +
> +/*
> + * Export sig_enforce kernel cmdline parameter to allow other subsystems rely
> + * on that instead of directly to CONFIG_MODULE_SIG_FORCE config.
> + */
> +bool is_module_sig_enforced(void)
> +{
> + return sig_enforce;
> +}
> +EXPORT_SYMBOL(is_module_sig_enforced);
As reported by the test robot, that's not enough.
When it was in main.c, is_module_sig_enforced() was build as soon as
CONFIG_MODULES was set.
Now it is only built when CONFIG_MODULE_SIG is selected, so you have to
modify include/linux/modules.h and have the stub
is_module_sig_enforced() when CONFIG_MODULE_SIG is not selected and not
only when CONFIG_MODULES is not selected.
> +
> +void set_module_sig_enforced(void)
> +{
> + sig_enforce = true;
> +}
> +
> /*
> * Verify the signature on a module.
> */
Christophe
