[PATCH v4 09/17] module: Make module loading policy usable without MODULE_SIG
Thomas Weißschuh
linux at weissschuh.net
Wed Mar 11 12:59:44 UTC 2026
On 2026-03-10 15:01:46-0700, Eric Biggers wrote:
> On Tue, Jan 13, 2026 at 01:28:53PM +0100, Thomas Weißschuh wrote:
> > The loading policy functionality will also be used by the hash-based
> > module validation. Split it out from CONFIG_MODULE_SIG so it is usable
> > by both.
> >
> > Signed-off-by: Thomas Weißschuh <linux at weissschuh.net>
> > ---
> > include/linux/module.h | 8 ++++----
> > kernel/module/Kconfig | 5 ++++-
> > kernel/module/main.c | 26 +++++++++++++++++++++++++-
> > kernel/module/signing.c | 21 ---------------------
> > 4 files changed, 33 insertions(+), 27 deletions(-)
> >
> > diff --git a/include/linux/module.h b/include/linux/module.h
> > index f288ca5cd95b..f9601cba47cd 100644
> > --- a/include/linux/module.h
> > +++ b/include/linux/module.h
> > @@ -444,7 +444,7 @@ struct module {
> > const u32 *gpl_crcs;
> > bool using_gplonly_symbols;
> >
> > -#ifdef CONFIG_MODULE_SIG
> > +#ifdef CONFIG_MODULE_SIG_POLICY
> > /* Signature was verified. */
> > bool sig_ok;
> > #endif
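Review bot: The field under the renamed guard in struct module is still called sig_ok and still commented "Signature was verified.", while the commit message says the policy will also serve hash-based validation. Consider rewording the comment, and possibly the field name, so it describes a successful module verification in general rather than a signature check.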
> [...]
> > +config MODULE_SIG_POLICY
> > + def_bool MODULE_SIG
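Review bot: The new MODULE_SIG_POLICY entry carries no comment, and in the lines quoted here its only default is "def_bool MODULE_SIG", so it tracks MODULE_SIG exactly. Since the commit message says hash-based validation will share the policy, a one-line comment above the symbol saying that the hash-based option is expected to enable it as well would make the intent clear to someone reading this commit on its own.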
>
> Maybe MODULE_AUTH_POLICY? Hash-based module authentication does not use
> signatures.
>
> This issue appears elsewhere in the code too. There are lots of places
> that still refer to module signatures or "sigs", when really module
> authentication is meant.
>
> I'm not sure how far you want to go with the renaming, but it's
> something to think about. It's confusing to use the term "signature" to
> mean something that is not a signature.
Ack. "authentication" is much better, I'll use that.
Thomas