http://bugzilla.opensuse.org/show_bug.cgi?id=1173158
http://bugzilla.opensuse.org/show_bug.cgi?id=1173158#c34
--- Comment #34 from Stefan Dirsch
Have you really checked that we actually have a problem with unsigned modules?
Unfortunately nobody did at that time. :-(
We have
CONFIG_MODULE_SIG=y CONFIG_MODULE_SIG_FORCE=n
in Leap 15.2 kernel and the help text for CONFIG_MODULE_SIG_FORCE says
Reject unsigned modules or signed modules for which we don't have a key. Without this, such modules will simply taint the kernel.
so that loading an unsigned module (or module signed with an unknown key) should taint the kernel and write a warning into kernel log but the module should load anyway.
Obviously this turned out to be fake news. :-( -- You are receiving this mail because: You are the assignee for the bug.