diff --git a/kernel.spec b/kernel.spec index b8bf94154..9b3a39190 100644 --- a/kernel.spec +++ b/kernel.spec @@ -62,7 +62,7 @@ Summary: The Linux kernel # For non-released -rc kernels, this will be appended after the rcX and # gitX tags, so a 3 here would become part of release "0.rcX.gitX.3" # -%global baserelease 4 +%global baserelease 5 %global fedora_build %{baserelease} # base_sublevel is the kernel version we're starting with and patching @@ -2314,6 +2314,9 @@ fi # ||----w | # || || %changelog +* Sat Oct 06 2012 Josh Boyer +- secure boot modsign depends on CONFIG_MODULE_SIG not CONFIG_MODULES + * Fri Oct 05 2012 Josh Boyer - Adjust secure boot modsign patch diff --git a/secure-boot-20120924.patch b/secure-boot-20120924.patch index 3f9bdc2f3..54825efe6 100644 --- a/secure-boot-20120924.patch +++ b/secure-boot-20120924.patch @@ -676,7 +676,7 @@ index 7e6e83f..2b0b980 100644 0, SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL); } -+#ifdef CONFIG_MODULES ++#ifdef CONFIG_MODULE_SIG +extern bool sig_enforce; +#endif + @@ -685,7 +685,7 @@ index 7e6e83f..2b0b980 100644 pr_info("Secure boot enabled\n"); cap_lower((&init_cred)->cap_bset, CAP_COMPROMISE_KERNEL); cap_lower((&init_cred)->cap_permitted, CAP_COMPROMISE_KERNEL); -+#ifdef CONFIG_MODULES ++#ifdef CONFIG_MODULE_SIG + /* Enable module signature enforcing */ + sig_enforce = true; +#endif