Kernel lockdown mode not enabled?

[ghost]

Hello,

I've just noticed that kernel lockdown mode (integrity/confidentiality) that was introduced in Linux 5.4 is not enabled in Void

/bin/sh: cat: /sys/kernel/security/lockdown: No such file or directory

Is there any reason for that?

[Meister1593]

Curious too

[Duncaen]

Enabling it without the bits to make use of it doesn't make much sense, but I doubt there is anything stopping us from enabling it if someone comes up with a setup.

Not even sure if we can make a generic setup for that, what or who would sign the modules? Should this be a key owned by void, what about the initramfs then?

[ericonr]

We have discussed signing here previously #27736

I feel like this would probably break my setup, since I boot with secure boot enabled.

[github-actions]

Issues become stale 90 days after last activity and are closed 14 days after that. If this issue is still relevant bump it or assign it.