mirror of
https://abf.rosa.ru/djam/kernel-5.15.git
synced 2025-02-23 10:32:54 +00:00
Allow to rebuild allowing unsigned modules (needed for testing custom modules from rosa-test-suite e.g.)
This commit is contained in:
Mikhail Novosyolov
parent
a71dd0a80d
commit
c9df52aa4c
1 changed files with 6 additions and 1 deletions
|
|
@ -11,7 +11,7 @@
|
|||
%define sublevel 11
|
||||
|
||||
# Release number. Increase this before a rebuild.
|
||||
%define rpmrel 4
|
||||
%define rpmrel 5
|
||||
%define fullrpmrel %{rpmrel}
|
||||
|
||||
%define rpmtag %{disttag}
|
||||
|
|
@ -49,6 +49,7 @@
|
|||
|
||||
%if %{enhanced_security}
|
||||
%bcond_without additional_keys
|
||||
%bcond_without oblig_signed_modules
|
||||
%endif
|
||||
|
||||
# Kernel flavour
|
||||
|
|
@ -781,8 +782,12 @@ echo CONFIG_SECURITY_SELINUX_BOOTPARAM=y >> .config
|
|||
# https://www.kernel.org/doc/html/v5.3/admin-guide/module-signing.html
|
||||
sed -i '/CONFIG_MODULE_SIG/d' .config
|
||||
echo CONFIG_MODULE_SIG=y >> .config
|
||||
%if %{with oblig_signed_modules}
|
||||
# Disallow loading not signed modules
|
||||
echo CONFIG_MODULE_SIG_FORCE=y >> .config
|
||||
%else
|
||||
echo CONFIG_MODULE_SIG_FORCE=n >> .config
|
||||
%endif
|
||||
# If %%build_debig is true, automatic signatures will be stripped,
|
||||
# then modules will be resigned, otherwise automatic signatures
|
||||
# will not be stripped and modules will not be resigned.
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue