From nobody Sat Feb 7 07:11:49 2026 Received: from todd.t-8ch.de (todd.t-8ch.de [159.69.126.157]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5E1C93904D8; Tue, 13 Jan 2026 12:37:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=159.69.126.157 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1768307871; cv=none; b=qSlq2aFnpX0swG2fK/DxSfIzedYplvQYBy9ZtfSP2gtDj7KotMlEqm6//LcdI3VJUK9nTc+ZI7iieVX04gH6W8C5VXgClOxodD9rNfNAp+mYEbORQ2t+lCPKsqhYQgg3jqU/G0b3jZ0cUTVXtwsNzof83dyc202dO9H8YaW2Mb8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1768307871; c=relaxed/simple; bh=AQXwlX52KxlPEn4u0pj+ZozDxqAQgmwa0bwnrtMfO2o=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=n8adqeqzcQ1VVJRQNgmA8PC1HbEOu1XeLZ9pRP2ykYHEJ8LhBUIgJG/lyw3VHdhE8TCwaYFMOQN4uBJr9MGvxVaMXp6/6gNV9Rvh12WCH6jFkscXpHIXVa8YB+QXL9I5t/rmT1iduYsPcUylJOSqqsP69vtJWm3wimwIMqgGKDk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=weissschuh.net; spf=pass smtp.mailfrom=weissschuh.net; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b=c11joj4q; arc=none smtp.client-ip=159.69.126.157 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=weissschuh.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=weissschuh.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=weissschuh.net header.i=@weissschuh.net header.b="c11joj4q" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1768307860; bh=AQXwlX52KxlPEn4u0pj+ZozDxqAQgmwa0bwnrtMfO2o=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=c11joj4qS+McPfr25fP7A7kNvS54i2wodhNwGm8BF8MCHBCTbxTURec2JoyZDdRLa Kw17+gExC9oSprSJCnNAf0nQsgFYPfgN6utQbd3WSPey3DtHOjtQxfI3MZ2PKPf3+h eArjJN7G84s4hKv5pQDHE51Nz9g0vsrfcVsPQXdw= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Tue, 13 Jan 2026 13:28:55 +0100 Subject: [PATCH v4 11/17] module: Move lockdown check into generic module loader Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20260113-module-hashes-v4-11-0b932db9b56b@weissschuh.net> References: <20260113-module-hashes-v4-0-0b932db9b56b@weissschuh.net> In-Reply-To: <20260113-module-hashes-v4-0-0b932db9b56b@weissschuh.net> To: Nathan Chancellor , Arnd Bergmann , Luis Chamberlain , Petr Pavlu , Sami Tolvanen , Daniel Gomez , Paul Moore , James Morris , "Serge E. Hallyn" , Jonathan Corbet , Madhavan Srinivasan , Michael Ellerman , Nicholas Piggin , Naveen N Rao , Mimi Zohar , Roberto Sassu , Dmitry Kasatkin , Eric Snowberg , Nicolas Schier , Daniel Gomez , Aaron Tomlin , "Christophe Leroy (CS GROUP)" , Nicolas Schier , Nicolas Bouchinet , Xiu Jianfeng , Nicolas Schier , Christophe Leroy Cc: =?utf-8?q?Fabian_Gr=C3=BCnbichler?= , Arnout Engelen , Mattia Rizzolo , kpcyrd , Christian Heusel , =?utf-8?q?C=C3=A2ju_Mihai-Drosi?= , Sebastian Andrzej Siewior , linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, linux-modules@vger.kernel.org, linux-security-module@vger.kernel.org, linux-doc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-integrity@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.14.3 X-Developer-Signature: v=1; a=ed25519-sha256; t=1768307859; l=1463; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=AQXwlX52KxlPEn4u0pj+ZozDxqAQgmwa0bwnrtMfO2o=; b=6Vy1azrI605whNaZMGmixiJa2Dmq7kFxo81sevB94fs40VlaNg6/O/Qz3rsQ10vnnq984b5K0 ZZT91klbjx1D5nQcLz0zpYHmdyhSDmffrqm+1UCDCPp4hIbzpVmoMks X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= The lockdown check buried in module_sig_check() will not compose well with the introduction of hash-based module validation. Move it into module_integrity_check() which will work better. Signed-off-by: Thomas Wei=C3=9Fschuh --- kernel/module/main.c | 6 +++++- kernel/module/signing.c | 3 +-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/kernel/module/main.c b/kernel/module/main.c index 9c570078aa9c..c09b25c0166a 100644 --- a/kernel/module/main.c +++ b/kernel/module/main.c @@ -3351,7 +3351,11 @@ static int module_integrity_check(struct load_info *= info, int flags) if (IS_ENABLED(CONFIG_MODULE_SIG)) err =3D module_sig_check(info, flags); =20 - return err; + if (err) + return err; + if (info->sig_ok) + return 0; + return security_locked_down(LOCKDOWN_MODULE_SIGNATURE); } =20 /* diff --git a/kernel/module/signing.c b/kernel/module/signing.c index 66d90784de89..8a5f66389116 100644 --- a/kernel/module/signing.c +++ b/kernel/module/signing.c @@ -11,7 +11,6 @@ #include #include #include -#include #include #include #include "internal.h" @@ -68,5 +67,5 @@ int module_sig_check(struct load_info *info, int flags) return -EKEYREJECTED; } =20 - return security_locked_down(LOCKDOWN_MODULE_SIGNATURE); + return 0; } --=20 2.52.0