[PATCH 1/2] module: export sig_enforce readonly even if MODULE_SIG_FORCE is on

[Eric Miao]

Even if MODULE_SIG_FORCE is turned on, it is still useful if module
can export sig_enforce, so user space will know if module signature
is turned on and forced.

Signed-off-by: Eric Miao <eric.miao@xxxxxxxxxx>
Cc: David Howells <dhowells@xxxxxxxxxx>
Cc: Dan Willemsen <dwillemsen@xxxxxxxxxx>
---
 kernel/module.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/kernel/module.c b/kernel/module.c
index dc58274..d55646b 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -110,6 +110,14 @@ struct list_head *kdb_modules = &modules; /* kdb needs the list of modules */
 #ifdef CONFIG_MODULE_SIG
 #ifdef CONFIG_MODULE_SIG_FORCE
 static bool sig_enforce = true;
+
+static const struct kernel_param_ops param_ops_bool_read_only = {
+	.flags = KERNEL_PARAM_FL_NOARG,
+	.get = param_get_bool,
+};
+#define param_check_bool_read_only param_check_bool
+
+module_param(sig_enforce, bool_read_only, 0444);
 #else
 static bool sig_enforce = false;
 
-- 
1.8.4.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/