Skip to content

Trusted module loading in AutoSD

To ensure that the AutoSD kernel only runs trusted code, use_module_sig_enforce is on by default. The use_module_sig_enforce parameter sets module.sig_enforce=1. This security measure allows the kernel to load only modules with valid cryptographic signatures that have been authenticated against the system’s keyring and prevents the kernel from loading unsigned or invalidly signed modules.

This security mechanism works differently depending on which build tool you use:

  • Package-based builds (aib-dev build): The system uses kernel module signatures from the RPM, which allows any kernel module from the kernel RPM to be loaded.
  • Bootc image builds (aib build): automotive-image-builder re-signs the modules in the image, so only modules specifically included in the image can be loaded.

© Red Hat