modsign: Fix documentation on module signing enforcement parameter.

Modify the documentation to match the actual parameter as implemented in
kernel/module.c:273.

Signed-off-by: James Johnston <johnstonj.public@codenest.com>
Reviewed-by: David Howells <dhowells@redhat.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
This commit is contained in:
James Johnston 2016-03-10 03:38:48 +00:00 committed by Jonathan Corbet
parent 0d6f3ebf9e
commit abfa6cd8cd

View File

@ -254,7 +254,7 @@ signature checking is all done within the kernel.
NON-VALID SIGNATURES AND UNSIGNED MODULES NON-VALID SIGNATURES AND UNSIGNED MODULES
========================================= =========================================
If CONFIG_MODULE_SIG_FORCE is enabled or enforcemodulesig=1 is supplied on If CONFIG_MODULE_SIG_FORCE is enabled or module.sig_enforce=1 is supplied on
the kernel command line, the kernel will only load validly signed modules the kernel command line, the kernel will only load validly signed modules
for which it has a public key. Otherwise, it will also load modules that are for which it has a public key. Otherwise, it will also load modules that are
unsigned. Any module for which the kernel has a key, but which proves to have unsigned. Any module for which the kernel has a key, but which proves to have