| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CABCJKuf_s54EhYO1-j20VgHGC8AJ44cug6773XZ673eukUsLxA@mail.gmail.com> Date: Wed, 16 Oct 2024 08:30:34 -0700 From: Sami Tolvanen <samitolvanen@...gle.com> To: Thorsten Leemhuis <linux@...mhuis.info> Cc: Luis Chamberlain <mcgrof@...nel.org>, Petr Pavlu <petr.pavlu@...e.com>, Daniel Gomez <da.gomez@...sung.com>, linux-modules@...r.kernel.org, Masahiro Yamada <masahiroy@...nel.org>, linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v2] module: sign with sha512 instead of sha1 by default Hi Thorsten, On Wed, Oct 16, 2024 at 7:18 AM Thorsten Leemhuis <linux@...mhuis.info> wrote: > > Switch away from using sha1 for module signing by default and use the > more modern sha512 instead, which is what among others Arch, Fedora, > RHEL, and Ubuntu are currently using for their kernels. > > Sha1 has not been considered secure against well-funded opponents since > 2005[1]; since 2011 the NIST and other organizations furthermore > recommended its replacement[2]. This is why OpenSSL on RHEL9, Fedora > Linux 41+[3], and likely some other current and future distributions > reject the creation of sha1 signatures, which leads to a build error of > allmodconfig configurations: > > 80A20474797F0000:error:03000098:digital envelope routines:do_sigver_init:invalid digest:crypto/evp/m_sigver.c:342: > make[4]: *** [.../certs/Makefile:53: certs/signing_key.pem] Error 1 > make[4]: *** Deleting file 'certs/signing_key.pem' > make[4]: *** Waiting for unfinished jobs.... > make[3]: *** [.../scripts/Makefile.build:478: certs] Error 2 > make[2]: *** [.../Makefile:1936: .] Error 2 > make[1]: *** [.../Makefile:224: __sub-make] Error 2 > make[1]: Leaving directory '...' > make: *** [Makefile:224: __sub-make] Error 2 > > This change makes allmodconfig work again and sets a default that is > more appropriate for current and future users, too. > > Link: https://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html [1] > Link: https://csrc.nist.gov/projects/hash-functions [2] > Link: https://fedoraproject.org/wiki/Changes/OpenSSLDistrustsha1SigVer [3] > Signed-off-by: Thorsten Leemhuis <linux@...mhuis.info> > --- > > v2: > * use 'default MODULE_SIG_SHA512' in the "Hash algorithm to sign > modules" choice instead of resorting the entries there. > * rewrite patch description > * drop RFC tag > > v1: https://lore.kernel.org/all/42aa307d7ffae1851b4a8787f5c276dd0b3beece.1728543368.git.linux@leemhuis.info/ > --- > kernel/module/Kconfig | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/kernel/module/Kconfig b/kernel/module/Kconfig > index 7c6588148d42d3..0c746a150e34e2 100644 > --- a/kernel/module/Kconfig > +++ b/kernel/module/Kconfig > @@ -231,6 +231,7 @@ comment "Do not forget to sign required modules with scripts/sign-file" > choice > prompt "Hash algorithm to sign modules" > depends on MODULE_SIG || IMA_APPRAISE_MODSIG > + default MODULE_SIG_SHA512 > help > This determines which sort of hashing algorithm will be used during > signature generation. This algorithm _must_ be built into the kernel This looks good to me. Thank you for the patch! Reviewed-by: Sami Tolvanen <samitolvanen@...gle.com> Sami
Powered by blists - more mailing lists