Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752184AbcDWSoe (ORCPT <rfc822;w@1wt.eu>);
	Sat, 23 Apr 2016 14:44:34 -0400
Received: from shadbolt.e.decadent.org.uk ([88.96.1.126]:33843 "EHLO
	shadbolt.e.decadent.org.uk" rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with ESMTP id S1752112AbcDWSod (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Sat, 23 Apr 2016 14:44:33 -0400
Date: Sat, 23 Apr 2016 19:44:21 +0100
From: Ben Hutchings <ben@decadent.org.uk>
To: Rusty Russell <rusty@rustcorp.com.au>
Cc: David Howells <dhowells@redhat.com>, David Woodhouse <dwmw2@infradead.org>,
        keyrings@vger.kernel.org, linux-kernel@vger.kernel.org
Message-ID: <20160423184421.GL3348@decadent.org.uk>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="oY1uq2ONqt5kuovO"
Content-Disposition: inline
User-Agent: Mutt/1.5.23 (2014-03-12)
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: ben@decadent.org.uk
Subject: [PATCH 0/3] Module signing and version info
X-SA-Exim-Version: 4.2.1 (built Mon, 26 Dec 2011 16:24:06 +0000)
X-SA-Exim-Scanned: Yes (on shadbolt.decadent.org.uk)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1757
Lines: 48


--oY1uq2ONqt5kuovO
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

If a module signing key is used for multiple kernel builds, it is
critical that the modules for each build can be distinguished.
This series makes force-loading invalidate module signatures and
documents the importance of module version info when reusing a key
for multiple builds.

Ben.

Ben Hutchings (3):
  module: Invalidate signatures on force-loaded modules
  Documentation/module-signing.txt: Note need for version info if
    reusing a key
  module: Disable MODULE_FORCE_LOAD when MODULE_SIG_FORCE is enabled

 Documentation/module-signing.txt |  6 ++++++
 init/Kconfig                     |  1 +
 kernel/module.c                  | 13 +++++++++----
 3 files changed, 16 insertions(+), 4 deletions(-)


--oY1uq2ONqt5kuovO
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBVxvChee/yOyVhhEJAQp3FQ//bwVI66xBXy3iyEszSEyidGvyeFIL+ef3
Ah+U4ymSg6irI0zkvpDfFN/da3gGxGMZxI2l8UTJlIfReM31jnURmduBQMSF/UtL
QIkev2/dkYBnLhu9vzFYGBf36th2reDp32f/lOPdQskkMuhCLjgxekkLMjAQiTD7
NcGq+SMq+JVMqq6DOqGqa9llJw2sa9dTOgh6mhc0kJV80cAftxgmGrS6weOgwIug
UqNqLiD/VwT7DzI3PHTrTLVMoXwL9jnJV/ViyQnb30GNfkbKTHv8vPsgvFwmWWUh
UGllT3Hke8oB7m2CLMO//X61GF9skyAlg27k/sQ4YvLClIppkrWNj9dDTlyjcPX1
1si+43uPN4tgONX6L8CIPHQ4Qw3M7uWtxOxoG03kkJUIRHcZpwuFWi7RyQsoZNbD
ssOALDMAR66y1YQQd/2ODqA6m6BZybpHFUoZy6lLnVyuOEHiVdIG1Q8pQyOb7av6
0gGzjb2q9Q4KH6Hpz+8aE9lT0Sh/1sngg5hjONb7ijlbdyfil5SyGOCBgsUcRHN5
cWRGg0Kutz92rJryCb7LfvnqqWLkpevdzfe48xtospgtY4fZPMbGijfXubk+fSEF
eOdKrJcrA+FZ/oMFpoTVx8Xab4gt/KzY1pau+6YV/4s1lI1cWFbVe3eDjiwvfgRA
WfQzlR7OTaU=
=chAI
-----END PGP SIGNATURE-----

--oY1uq2ONqt5kuovO--