Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/eclass/kernel-install.eclass
diff options
context:
space:
mode:
authorAndrew Ammerlaan <andrewammerlaan@gentoo.org>2023-08-26 20:03:16 +0200
committerAndrew Ammerlaan <andrewammerlaan@gentoo.org>2023-08-27 20:04:31 +0200
commit5b526a23565920557fcfaae55ed79c4392e712c0 (patch)
treeda785bad5e2ef3a05218884f4cd05bca5c75e66a /eclass/kernel-install.eclass
parentdev-ruby/amq-protocol: drop 2.3.2 (diff)
downloadgentoo-5b526a23565920557fcfaae55ed79c4392e712c0.tar.gz
gentoo-5b526a23565920557fcfaae55ed79c4392e712c0.tar.bz2
gentoo-5b526a23565920557fcfaae55ed79c4392e712c0.zip
kernel-install.eclass: enforce signed modules in test with USE=modules-sign
This only has effect when building the gpkg for gentoo-kernel-bin which overrides CONFIG_MODULE_SIG_FORCE. To ensure that the module signing was successful we instruct the kernel to reject modules with an invalid signature. This has no effect on other kernel packages which already have CONFIG_MODULE_SIG_FORCE=y. Signed-off-by: Andrew Ammerlaan <andrewammerlaan@gentoo.org> Closes: https://github.com/gentoo/gentoo/pull/32463 Signed-off-by: Andrew Ammerlaan <andrewammerlaan@gentoo.org>
Diffstat (limited to 'eclass/kernel-install.eclass')
-rw-r--r--eclass/kernel-install.eclass4
1 files changed, 4 insertions, 0 deletions
diff --git a/eclass/kernel-install.eclass b/eclass/kernel-install.eclass
index 62fbb1dab049..c1b9798a9ff9 100644
--- a/eclass/kernel-install.eclass
+++ b/eclass/kernel-install.eclass
@@ -301,6 +301,10 @@ kernel-install_test() {
;;
esac
+ if [[ ${KERNEL_IUSE_MODULES_SIGN} ]]; then
+ use modules-sign && qemu_extra_append+=" module.sig_enforce=1"
+ fi
+
cat > run.sh <<-EOF || die
#!/bin/sh
exec qemu-system-${qemu_arch} \