module signing: Changing to MODULE_SIG_SHA3_512

Prarit Bhargava Wed, 08 Nov 2023 05:33:47 -0800

Hey everyone,

The current kernel configs generate


# CONFIG_MODULE_SIG_FORCE is not set
CONFIG_MODULE_SIG_ALL=y
# CONFIG_MODULE_SIG_SHA256 is not set
# CONFIG_MODULE_SIG_SHA384 is not set
CONFIG_MODULE_SIG_SHA512=y
# CONFIG_MODULE_SIG_SHA3_256 is not set
# CONFIG_MODULE_SIG_SHA3_384 is not set
# CONFIG_MODULE_SIG_SHA3_512 is not set
CONFIG_MODULE_SIG_HASH="sha512"

With https://gitlab.com/cki-project/kernel-ark/-/merge_requests/2802

we can strengthen the module signing algorithm toCONFIG_MODULE_SIG_SHA3_512.

I'd like to do this before Fedora40, as it will be the basis ofcentos-stream-10 and RHEL10.


Thoughts or concerns?

P.
_______________________________________________
kernel mailing list -- kernel@lists.fedoraproject.org
To unsubscribe send an email to kernel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/kernel@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

module signing: Changing to MODULE_SIG_SHA3_512

Reply via email to