ANDROID: GKI: load vendor modules without tainting the kernel

GKI repurposes module signing to distinguish GKI and vendor modules.
It was unhelpful and sometimes confusing to taint the kernel when
loading vendor modules.

Bug: 232430739
Bug: 383260800
Change-Id: If05a9e7d8e28954eba0472149fe312045c9c4fad
Signed-off-by: Giuliano Procida <gprocida@google.com>
(cherry picked from commit 23313da5700f038f95a82a695392e5bb5b550ba6)
This commit is contained in:
Giuliano Procida
2024-12-11 09:59:42 +00:00
parent 1fd0b4f658
commit d2d0d17001
+2
View File
@@ -2371,12 +2371,14 @@ static void module_augment_kernel_taints(struct module *mod, struct load_info *i
}
#ifdef CONFIG_MODULE_SIG
mod->sig_ok = info->sig_ok;
#ifndef CONFIG_MODULE_SIG_PROTECT
if (!mod->sig_ok) {
pr_notice_once("%s: module verification failed: signature "
"and/or required key missing - tainting "
"kernel\n", mod->name);
add_taint_module(mod, TAINT_UNSIGNED_MODULE, LOCKDEP_STILL_OK);
}
#endif
#else
mod->sig_ok = 0;
#endif