From 3ba3b371873d221db6845fb0fe52191b8b349b0a Mon Sep 17 00:00:00 2001
From: Patrick Schleizer <adrelanos@whonix.org>
Date: Thu, 29 Apr 2021 11:08:30 -0400
Subject: [PATCH] add `/etc/dkms/framework.conf.security-misc`

original, from
- https://github.com/dell/dkms/blob/master/dkms_framework.conf
- https://raw.githubusercontent.com/dell/dkms/master/dkms_framework.conf

https://forums.whonix.org/t/enforce-kernel-module-software-signature-verification-module-signing-disallow-kernel-module-loading-by-default/7880/58
---
 etc/dkms/framework.conf.security-misc | 32 +++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 etc/dkms/framework.conf.security-misc

diff --git a/etc/dkms/framework.conf.security-misc b/etc/dkms/framework.conf.security-misc
new file mode 100644
index 0000000..896ee93
--- /dev/null
+++ b/etc/dkms/framework.conf.security-misc
@@ -0,0 +1,32 @@
+## This configuration file modifies the behavior of
+## DKMS (Dynamic Kernel Module Support) and is sourced
+## in by DKMS every time it is run.
+
+## Source Tree Location (default: /usr/src)
+# source_tree="/usr/src"
+
+## DKMS Tree Location (default: /var/lib/dkms)
+# dkms_tree="/var/lib/dkms"
+
+## Install Tree Location (default: /lib/modules)
+# install_tree="/lib/modules"
+
+## tmp Location (default: /tmp)
+# tmp_location="/tmp"
+
+## verbosity setting (verbose will be active if you set it to a non-null value)
+# verbose=""
+
+## symlink kernel modules (will be active if you set it to a non-null value)
+## This creates symlinks from the install_tree into the dkms_tree instead of
+## copying the modules. This preserves some space on the costs of being less
+## safe.
+# symlink_modules=""
+
+## Automatic installation and upgrade for all installed kernels (if set to a
+## non-null value)
+# autoinstall_all_kernels=""
+
+## Script to sign modules during build, script is called with kernel version
+## and module name
+# sign_tool="/etc/dkms/sign_helper.sh"