From abfa6cd8cda71b9071191e72711bd474e539b1b2 Mon Sep 17 00:00:00 2001 From: James Johnston Date: Thu, 10 Mar 2016 03:38:48 +0000 Subject: modsign: Fix documentation on module signing enforcement parameter. Modify the documentation to match the actual parameter as implemented in kernel/module.c:273. Signed-off-by: James Johnston Reviewed-by: David Howells Signed-off-by: Jonathan Corbet --- Documentation/module-signing.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Documentation') diff --git a/Documentation/module-signing.txt b/Documentation/module-signing.txt index a78bf1f..696d5ca 100644 --- a/Documentation/module-signing.txt +++ b/Documentation/module-signing.txt @@ -254,7 +254,7 @@ signature checking is all done within the kernel. NON-VALID SIGNATURES AND UNSIGNED MODULES ========================================= -If CONFIG_MODULE_SIG_FORCE is enabled or enforcemodulesig=1 is supplied on +If CONFIG_MODULE_SIG_FORCE is enabled or module.sig_enforce=1 is supplied on the kernel command line, the kernel will only load validly signed modules for which it has a public key. Otherwise, it will also load modules that are unsigned. Any module for which the kernel has a key, but which proves to have -- cgit v1.1