Hi, On Fri, Sep 5, 2025 at 6:38 AM Coder <[email protected]> wrote: > > From: Fidal Palamparambil <[email protected]> > Date: Fri, 5 Sep 2025 17:16:01 +0400 > Subject: [PATCH] module: harden module signature checking > Cc: [email protected], [email protected], [email protected], > [email protected], [email protected] > > module: harden module signature checking > > This patch makes small defensive and style improvements to the > module signature checker: > > - avoid void * arithmetic by casting module header to const u8 * > - add an explicit bounds check for ms.sig_len before using it > - restore info->len to its original value when verification fails so > the loader does not observe a truncated length unexpectedly > - use READ_ONCE/WRITE_ONCE for sig_enforce to avoid rare SMP visibility > races > > These changes are intended to improve clarity and robustness; they do not > change the signature verification policy or behavior. > > Signed-off-by: Fidal Palamparambil <[email protected]> > > --- > > diff --git a/kernel/module-signing.c b/kernel/module-signing.c > index abcdef1..1234567 100644 > --- a/kernel/module-signing.c > +++ b/kernel/module-signing.c
We used to have kernel/module_signing.c before v5.19, but I'm not sure if kernel/module-signing.c has ever existed. How exactly did you generate this patch? Sami
