Since the kernel now separates verification of signed modules from the
enforcement policy on whether to allow unverified modules to be loaded or
not, I thought it was time to explore.  The enforcement policy can be
compiled in or turned on at run time via a boot option to the kernel.

I now have it working to sign all the in-tree modules as well as the
out-of-tree modules.

In my case I'm signing VirtualBox and WireGuard.

In case it's helpful, I created a wiki page outlining what I did to get
this working.

Hope it's useful.
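
A check for the verification/enforcement split described above, added here as an example; it is not from the post or its wiki page. It assumes the mainline kernel names CONFIG_MODULE_SIG, CONFIG_MODULE_SIG_FORCE and module.sig_enforce; the function names and sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the module-signature policy from a kernel config
# and a kernel command line, and test whether a module file has a signature
# appended. Inputs are passed as text so it can be run on saved copies.

# _cfg_has CONFIG_TEXT LINE: true if LINE appears verbatim in the config.
_cfg_has() { printf '%s\n' "$1" | grep -qxF "$2"; }

# sig_policy CONFIG_TEXT CMDLINE
# Prints one of:
#   no-verification       signature checking is not built in
#   enforced-compiled-in  unverified modules are rejected (build-time policy)
#   enforced-boot-option  unverified modules are rejected (boot-time policy)
#   verify-only           signatures are checked, unverified modules still load
sig_policy() {
    if ! _cfg_has "$1" 'CONFIG_MODULE_SIG=y'; then
        echo no-verification; return
    fi
    if _cfg_has "$1" 'CONFIG_MODULE_SIG_FORCE=y'; then
        echo enforced-compiled-in; return
    fi
    # Assumption: only the bare, =1 and =y/=Y spellings are recognised here.
    for tok in $2; do
        case $tok in
            module.sig_enforce|module.sig_enforce=1|module.sig_enforce=[yY])
                echo enforced-boot-option; return ;;
        esac
    done
    echo verify-only
}

# has_signature FILE: true if FILE ends with the 28-byte marker that follows
# an appended module signature. This shows a signature is present, not that
# it verifies against a key the kernel trusts.
has_signature() {
    [ "$(tail -c 28 "$1" 2>/dev/null)" = '~Module signature appended~' ]
}

# Constructed sample: verification built in, enforcement requested at boot.
sample_config='CONFIG_MODULES=y
CONFIG_MODULE_SIG=y
# CONFIG_MODULE_SIG_FORCE is not set'
sample_cmdline='BOOT_IMAGE=/vmlinuz root=/dev/sda2 ro module.sig_enforce=1'
sig_policy "$sample_config" "$sample_cmdline"
```

On a running system the two arguments would typically come from the kernel's build config and /proc/cmdline.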



