On Fri, 2022-11-25 at 17:07 +0200, Mikko Rapeli wrote: > linux-yocto kernel adds openssl-native dependency by default even > when module signing is still optional. kmod should enable > openssl support too. This helps see details of signed kernel > modules and debug issues with module signing. For small systems > this can still be disabled.
This seems like an easy enough change at first glance, my concern is dependency chain creep. openssl is slower to build and for example may depend on perl-native so adding this here can cause builds to slow down quite a bit more than you'd expect. I've been holding off merging until I could look at the dependency chain and see how much difference it actually makes. I've not managed that yet though. One option may be to add a "signed-kernel-modules" level distro feature or perhaps a distro include file, since I suspect this functionality is going to need other changes to enable and work properly? Cheers, Richard
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#174775): https://lists.openembedded.org/g/openembedded-core/message/174775 Mute This Topic: https://lists.openembedded.org/mt/95255244/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
