[PATCH 3/8] module: Give 'enum pkey_id_type' a more specific name

Mon, 02 Mar 2026 04:51:35 -0800 

This enum originates in generic cryptographic code and has a very
generic name. Nowadays it is only used for module signatures.

As this enum is going to be exposed in a UAPI header, give it a more
specific name for clarity and consistency.

Signed-off-by: Thomas Weißschuh <[email protected]>
---
 arch/s390/kernel/machine_kexec_file.c | 2 +-
 include/linux/module_signature.h      | 6 +++---
 kernel/module_signature.c             | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/arch/s390/kernel/machine_kexec_file.c 
b/arch/s390/kernel/machine_kexec_file.c
index 1bf59c3f0e2b..667ee9279e23 100644
--- a/arch/s390/kernel/machine_kexec_file.c
+++ b/arch/s390/kernel/machine_kexec_file.c
@@ -53,7 +53,7 @@ int s390_verify_sig(const char *kernel, unsigned long 
kernel_len)
                return -EKEYREJECTED;
        kernel_len -= sig_len;
 
-       if (ms->id_type != PKEY_ID_PKCS7)
+       if (ms->id_type != MODULE_SIGNATURE_TYPE_PKCS7)
                return -EKEYREJECTED;
 
        if (ms->algo != 0 ||
diff --git a/include/linux/module_signature.h b/include/linux/module_signature.h
index 820cc1473383..c3a05d4cfe67 100644
--- a/include/linux/module_signature.h
+++ b/include/linux/module_signature.h
@@ -14,8 +14,8 @@
 /* In stripped ARM and x86-64 modules, ~ is surprisingly rare. */
 #define MODULE_SIG_STRING "~Module signature appended~\n"
 
-enum pkey_id_type {
-       PKEY_ID_PKCS7 = 2,      /* Signature in PKCS#7 message */
+enum module_signature_type {
+       MODULE_SIGNATURE_TYPE_PKCS7 = 2,        /* Signature in PKCS#7 message 
*/
 };
 
 /*
@@ -31,7 +31,7 @@ enum pkey_id_type {
 struct module_signature {
        u8      algo;           /* Public-key crypto algorithm [0] */
        u8      hash;           /* Digest algorithm [0] */
-       u8      id_type;        /* Key identifier type [PKEY_ID_PKCS7] */
+       u8      id_type;        /* Key identifier type [enum 
module_signature_type] */
        u8      signer_len;     /* Length of signer's name [0] */
        u8      key_id_len;     /* Length of key identifier [0] */
        u8      __pad[3];
diff --git a/kernel/module_signature.c b/kernel/module_signature.c
index 00132d12487c..a0eee2fe4368 100644
--- a/kernel/module_signature.c
+++ b/kernel/module_signature.c
@@ -24,7 +24,7 @@ int mod_check_sig(const struct module_signature *ms, size_t 
file_len,
        if (be32_to_cpu(ms->sig_len) >= file_len - sizeof(*ms))
                return -EBADMSG;
 
-       if (ms->id_type != PKEY_ID_PKCS7) {
+       if (ms->id_type != MODULE_SIGNATURE_TYPE_PKCS7) {
                pr_err("%s: not signed with expected PKCS#7 message\n",
                       name);
                return -ENOPKG;

-- 
2.53.0

Reply via email to