On 31/10/2025 09.09, Coiby Xu wrote:
> Currently, set_module_sig_enforced is declared as long as CONFIG_MODULES
> is enabled. This can lead to a linking error if
> set_module_sig_enforced is called with CONFIG_MODULE_SIG=n,
> 
>     ld: security/integrity/ima/ima_appraise.o: in function `ima_appraise_measurement':
>     security/integrity/ima/ima_appraise.c:587:(.text+0xbbb): undefined reference to `set_module_sig_enforced'

It's a bit unclear whether you're referring to a current upstream issue (which I
couldn't find as of -rc3), or if this is just a hypothetical scenario.

> 
> So only declare set_module_sig_enforced when CONFIG_MODULE_SIG is
> enabled.

I only see cases where code has a safeguard like in
security/integrity/ima/ima_efi.c:71

                if (IS_ENABLED(CONFIG_MODULE_SIG))
                        set_module_sig_enforced();

> 
> Note this issue hasn't caused a real problem because all current callers
> of set_module_sig_enforced e.g. security/integrity/ima/ima_efi.c
> depend on CONFIG_MODULE_SIG=y.

I think the correct term we should use here is runtime safeguard. The code does
not actually depend on that config, nor is there any dep in Kconfig.

> 
> Reported-by: kernel test robot <[email protected]>
> Closes: https://lore.kernel.org/oe-kbuild-all/[email protected]/
> Signed-off-by: Coiby Xu <[email protected]>


Just minor nits regarding the commit message structure. This change should allow
us to remove the safeguard from users of set_module_sig_enforced().


Other than that, LGTM,

Reviewed-by: Daniel Gomez <[email protected]>
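
The header arrangement discussed in this thread, as an added userspace example that is not part of the patch or of either message. It assumes the change supplies a no-op inline stub when CONFIG_MODULE_SIG is off (the patch body is not shown here), models Kconfig symbols as plain macros, and uses hypothetical callers `caller_unguarded` and `caller_guarded`.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed config: CONFIG_MODULES=y, CONFIG_MODULE_SIG=n (left undefined). */
#define CONFIG_MODULES 1

/* Same preprocessor trick as the kernel's IS_ENABLED(), for =y options only;
 * helper names are local to this example. */
#define KCFG_PLACEHOLDER_1 0,
#define KCFG_SECOND(ignored, val, ...) val
#define KCFG_PICK(arg1_or_junk) KCFG_SECOND(arg1_or_junk 1, 0, 0)
#define KCFG_PASTE(val) KCFG_PICK(KCFG_PLACEHOLDER_##val)
#define IS_ENABLED(option) KCFG_PASTE(option)

/* "Header": assumed shape after the change. The real prototype exists only
 * when CONFIG_MODULE_SIG is on; otherwise callers get a no-op inline stub. */
#ifdef CONFIG_MODULE_SIG
void set_module_sig_enforced(void);
bool is_module_sig_enforced(void);
#else
static inline void set_module_sig_enforced(void) { }
static inline bool is_module_sig_enforced(void) { return false; }
#endif

/* "Signing code": definitions are built only with CONFIG_MODULE_SIG=y, which
 * is why an unconditional prototype can leave an undefined reference. */
#ifdef CONFIG_MODULE_SIG
static bool sig_enforce;
void set_module_sig_enforced(void) { sig_enforce = true; }
bool is_module_sig_enforced(void) { return sig_enforce; }
#endif

/* Hypothetical caller with no guard: links in both configurations. */
bool caller_unguarded(void)
{
	set_module_sig_enforced();
	return is_module_sig_enforced();
}

/* Hypothetical caller keeping the safeguard quoted from ima_efi.c. */
bool caller_guarded(void)
{
	if (IS_ENABLED(CONFIG_MODULE_SIG))
		set_module_sig_enforced();
	return is_module_sig_enforced();
}

int main(void)
{
	printf("IS_ENABLED(CONFIG_MODULE_SIG) = %d\n", IS_ENABLED(CONFIG_MODULE_SIG));
	printf("unguarded caller enforced: %d\n", caller_unguarded());
	printf("guarded caller enforced:   %d\n", caller_guarded());
	return 0;
}
```

With a stub of this shape, a call under CONFIG_MODULE_SIG=n is a silent no-op, so code that needs to know whether enforcement is active has to check `is_module_sig_enforced()` rather than assume the setter took effect.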
