Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Pull intgrity updates from James Morris:
 "This contains just three patches, the remainder were either included
  in other pull requests (eg. audit, lockdown) or will be upstreamed via
  other subsystems (eg. kselftests, Power).

  Included here is one bug fix, one documentation update, and extending
  the x86 IMA arch policy rules to coordinate the different kernel
  module signature verification methods"

* 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
  doc/kernel-parameters.txt: Deprecate ima_appraise_tcb
  x86/ima: add missing include
  x86/ima: require signed kernel modules

1 files changed, 5 insertions, 0 deletions

diff --git a/include/linux/module.h b/include/linux/module.h
index 484b5cbb3410..8f75277d4cef 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
@@ -677,6 +677,7 @@ static inline bool is_livepatch_module(struct module *mod)
 #endif /* CONFIG_LIVEPATCH */
 
 bool is_module_sig_enforced(void);
+void set_module_sig_enforced(void);
 
 #else /* !CONFIG_MODULES... */
 
@@ -803,6 +804,10 @@ static inline bool is_module_sig_enforced(void)
 	return false;
 }
 
+static inline void set_module_sig_enforced(void)
+{
+}
+
 /* Dereference module function descriptor */
 static inline
 void *dereference_module_function_descriptor(struct module *mod, void *ptr)