diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2013-02-25 18:41:43 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2013-02-25 18:41:43 -0500 |
| commit | 9043a2650cd21f96f831a97f516c2c302e21fb70 (patch) | |
| tree | 926720afb0acc7bad8cfcae537dc58de552f9249 /init | |
| parent | ab7826595e9ec51a51f622c5fc91e2f59440481a (diff) | |
| parent | d9d8d7ed498ec65bea72dd24be7b9cd35af0c200 (diff) | |
Merge tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux
Pull module update from Rusty Russell:
"The sweeping change is to make add_taint() explicitly indicate whether
to disable lockdep, but it's a mechanical change."
* tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux:
MODSIGN: Add option to not sign modules during modules_install
MODSIGN: Add -s <signature> option to sign-file
MODSIGN: Specify the hash algorithm on sign-file command line
MODSIGN: Simplify Makefile with a Kconfig helper
module: clean up load_module a little more.
modpost: Ignore ARC specific non-alloc sections
module: constify within_module_*
taint: add explicit flag to show whether lock dep is still OK.
module: printk message when module signature fail taints kernel.
Diffstat (limited to 'init')
| -rw-r--r-- | init/Kconfig | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/init/Kconfig b/init/Kconfig index 28c5b9dcc91e..968c539f0ac3 100644 --- a/init/Kconfig +++ b/init/Kconfig | |||
| @@ -1670,6 +1670,17 @@ config MODULE_SIG_FORCE | |||
| 1670 | Reject unsigned modules or signed modules for which we don't have a | 1670 | Reject unsigned modules or signed modules for which we don't have a |
| 1671 | key. Without this, such modules will simply taint the kernel. | 1671 | key. Without this, such modules will simply taint the kernel. |
| 1672 | 1672 | ||
| 1673 | config MODULE_SIG_ALL | ||
| 1674 | bool "Automatically sign all modules" | ||
| 1675 | default y | ||
| 1676 | depends on MODULE_SIG | ||
| 1677 | help | ||
| 1678 | Sign all modules during make modules_install. Without this option, | ||
| 1679 | modules must be signed manually, using the scripts/sign-file tool. | ||
| 1680 | |||
| 1681 | comment "Do not forget to sign required modules with scripts/sign-file" | ||
| 1682 | depends on MODULE_SIG_FORCE && !MODULE_SIG_ALL | ||
| 1683 | |||
| 1673 | choice | 1684 | choice |
| 1674 | prompt "Which hash algorithm should modules be signed with?" | 1685 | prompt "Which hash algorithm should modules be signed with?" |
| 1675 | depends on MODULE_SIG | 1686 | depends on MODULE_SIG |
| @@ -1702,6 +1713,15 @@ config MODULE_SIG_SHA512 | |||
| 1702 | 1713 | ||
| 1703 | endchoice | 1714 | endchoice |
| 1704 | 1715 | ||
| 1716 | config MODULE_SIG_HASH | ||
| 1717 | string | ||
| 1718 | depends on MODULE_SIG | ||
| 1719 | default "sha1" if MODULE_SIG_SHA1 | ||
| 1720 | default "sha224" if MODULE_SIG_SHA224 | ||
| 1721 | default "sha256" if MODULE_SIG_SHA256 | ||
| 1722 | default "sha384" if MODULE_SIG_SHA384 | ||
| 1723 | default "sha512" if MODULE_SIG_SHA512 | ||
| 1724 | |||
| 1705 | endif # MODULES | 1725 | endif # MODULES |
| 1706 | 1726 | ||
| 1707 | config INIT_ALL_POSSIBLE | 1727 | config INIT_ALL_POSSIBLE |