Re: [PATCH v5 07/14] module: Make module authentication usable without MODULE_SIG

[PATCH v5 00/14] module: Introduce hash-based integrity checking · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-05
[PATCH v5 01/14] kbuild: generate module BTF based on vmlinux.unstripped · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-05
[PATCH v5 03/14] kbuild: rename the strip_relocs command · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-05
[PATCH v5 05/14] module: Make mod_verify_sig() static · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-05
[PATCH v5 04/14] module: Drop pointless debugging message · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-05
[PATCH v5 02/14] lockdown: Make the relationship to MODULE_SIG a dependency · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-05
[PATCH v5 09/14] module: Move signature type check out of mod_check_sig() · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-05
Re: [PATCH v5 09/14] module: Move signature type check out of mod_check_sig() · Petr Pavlu <petr.pavlu@suse.com> · 2026-05-26
[PATCH v5 07/14] module: Make module authentication usable without MODULE_SIG · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-05
Re: [PATCH v5 07/14] module: Make module authentication usable without MODULE_SIG · Petr Pavlu <petr.pavlu@suse.com> · 2026-05-26
Re: [PATCH v5 07/14] module: Make module authentication usable without MODULE_SIG · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-26
Re: [PATCH v5 07/14] module: Make module authentication usable without MODULE_SIG · kpcyrd <hidden> · 2026-05-26
[PATCH v5 08/14] module: Move authentication logic into dedicated new file · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-05
Re: [PATCH v5 08/14] module: Move authentication logic into dedicated new file · Petr Pavlu <petr.pavlu@suse.com> · 2026-05-26
[PATCH v5 06/14] module: Switch load_info::len to size_t · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-05
Re: [PATCH v5 06/14] module: Switch load_info::len to size_t · Petr Pavlu <petr.pavlu@suse.com> · 2026-05-26
Re: [PATCH v5 06/14] module: Switch load_info::len to size_t · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-26
[PATCH v5 10/14] module: Prepare for additional module authentication mechanisms · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-05
Re: [PATCH v5 10/14] module: Prepare for additional module authentication mechanisms · Petr Pavlu <petr.pavlu@suse.com> · 2026-05-26
[PATCH v5 14/14] kbuild: make CONFIG_MODULE_HASHES compatible with module stripping · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-05
[PATCH v5 11/14] module: update timestamp of modules.order after modules are built · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-05
[PATCH v5 12/14] module: Introduce hash-based integrity checking · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-05
[PATCH v5 13/14] kbuild: move handling of module stripping to Makefile.lib · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-05
Re: [PATCH v5 00/14] module: Introduce hash-based integrity checking · Sami Tolvanen <samitolvanen@google.com> · 2026-05-18
Re: [PATCH v5 00/14] module: Introduce hash-based integrity checking · Thomas Weißschuh <linux@weissschuh.net> · 2026-05-19

From: Petr Pavlu <petr.pavlu@suse.com>
Date: 2026-05-26 10:53:25
Also in: bpf, linux-arch, linux-doc, linux-integrity, linux-kbuild, linux-modules, linux-security-module, lkml

On 5/5/26 11:05 AM, Thomas Weißschuh wrote:

quoted hunk ↗ jump to hunk

The module authentication functionality will also be used by the
hash-based module authentication. Split it out from CONFIG_MODULE_SIG
so it is usable by both.

Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
[...]

diff --git a/kernel/module/Kconfig b/kernel/module/Kconfig
index f535181e0d98..84297da666ff 100644
--- a/kernel/module/Kconfig
+++ b/kernel/module/Kconfig

@@ -271,9 +271,12 @@ config MODULE_SIG
 	  debuginfo strip done by some packagers (such as rpmbuild) and
 	  inclusion into an initramfs that wants the module size reduced.
 
+config MODULE_AUTH
+	def_bool MODULE_SIG
+
 config MODULE_SIG_FORCE
 	bool "Require modules to be validly signed"
-	depends on MODULE_SIG
+	depends on MODULE_AUTH
 	help
 	  Reject unsigned modules or signed modules for which we don't have a
 	  key.  Without this, such modules will simply taint the kernel.

Should MODULE_SIG_FORCE be renamed to MODULE_AUTH_FORCE, along with
renaming the sig_enforce functionality in kernel/module/auth.c to
auth_enforce?

-- 
Thanks,
Petr

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help