[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <ZxQ5QJAa-iv4S6sw@bombadil.infradead.org>
Date: Sat, 19 Oct 2024 15:57:04 -0700
From: Luis Chamberlain <mcgrof@...nel.org>
To: Thorsten Leemhuis <linux@...mhuis.info>
Cc: Petr Pavlu <petr.pavlu@...e.com>,
Sami Tolvanen <samitolvanen@...gle.com>,
Daniel Gomez <da.gomez@...sung.com>, linux-modules@...r.kernel.org,
Masahiro Yamada <masahiroy@...nel.org>,
linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] module: sign with sha512 instead of sha1 by default
On Wed, Oct 16, 2024 at 04:18:41PM +0200, Thorsten Leemhuis wrote:
> Switch away from using sha1 for module signing by default and use the
> more modern sha512 instead, which is what among others Arch, Fedora,
> RHEL, and Ubuntu are currently using for their kernels.
>
> Sha1 has not been considered secure against well-funded opponents since
> 2005[1]; since 2011 the NIST and other organizations furthermore
> recommended its replacement[2]. This is why OpenSSL on RHEL9, Fedora
> Linux 41+[3], and likely some other current and future distributions
> reject the creation of sha1 signatures, which leads to a build error of
> allmodconfig configurations:
>
> 80A20474797F0000:error:03000098:digital envelope routines:do_sigver_init:invalid digest:crypto/evp/m_sigver.c:342:
> make[4]: *** [.../certs/Makefile:53: certs/signing_key.pem] Error 1
> make[4]: *** Deleting file 'certs/signing_key.pem'
> make[4]: *** Waiting for unfinished jobs....
> make[3]: *** [.../scripts/Makefile.build:478: certs] Error 2
> make[2]: *** [.../Makefile:1936: .] Error 2
> make[1]: *** [.../Makefile:224: __sub-make] Error 2
> make[1]: Leaving directory '...'
> make: *** [Makefile:224: __sub-make] Error 2
>
> This change makes allmodconfig work again and sets a default that is
> more appropriate for current and future users, too.
>
> Link: https://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html [1]
> Link: https://csrc.nist.gov/projects/hash-functions [2]
> Link: https://fedoraproject.org/wiki/Changes/OpenSSLDistrustsha1SigVer [3]
> Signed-off-by: Thorsten Leemhuis <linux@...mhuis.info>
Thanks!
Tested-by: kdevops <kdevops@...ts.linux.dev> [0]
Links: https://github.com/linux-kdevops/linux-modules-kpd/actions/runs/11420092929/job/31775404330 # [0]
Applied and pushed!
Luis
Powered by blists - more mailing lists