Skip to content

Trusted module loading in AutoSD

To ensure that the AutoSD kernel only runs trusted code, use_module_sig_enforce is on by default. The use_module_sig_enforce parameter sets module.sig_enforce=1. This security measure allows the kernel to load only modules with valid cryptographic signatures that have been authenticated against the system’s keyring and prevents the kernel from loading unsigned or invalidly signed modules.

This security mechanism works differently depending on what mode you use to build the image:

  • Package mode: The system uses kernel module signatures from the RPM, which allows any kernel module from the kernel RPM to be loaded.
  • Image mode: automotive-image-builder re-signs the modules in the image, so only modules specifically included in the image can be loaded.

© Red Hat