Re: [PATCH v3 7/9] module: Move lockdown check into generic module loader
From: Paul Moore
Date: Wed Nov 19 2025 - 14:55:59 EST
On Wed, Nov 19, 2025 at 6:20 AM Sebastian Andrzej Siewior
<bigeasy@xxxxxxxxxxxxx> wrote:
> On 2025-04-29 15:04:34 [+0200], Thomas Weißschuh wrote:
> > The lockdown check buried in module_sig_check() will not compose well
> > with the introduction of hash-based module validation.
>
> An explanation of why would be nice.
/me shrugs
I thought the explanation was sufficient.
> > Move it into module_integrity_check() which will work better.
> >
> > Signed-off-by: Thomas Weißschuh <linux@xxxxxxxxxxxxxx>
--
paul-moore.com