[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CABCJKufSRmYnbjcwvhuGgC=xkyPgJyi7FMrAdDm3N0fun1cLAg@mail.gmail.com>
Date: Fri, 5 Sep 2025 08:09:02 -0700
From: Sami Tolvanen <samitolvanen@...gle.com>
To: Yunseong Kim <ysk@...lloc.com>
Cc: Luis Chamberlain <mcgrof@...nel.org>, Petr Pavlu <petr.pavlu@...e.com>,
Daniel Gomez <da.gomez@...nel.org>,
"Sami Tolvanen <samitolvanen@...gle.com> David Howells" <dhowells@...hat.com>, David Woodhouse <dwmw2@...radead.org>, linux-modules@...r.kernel.org,
keyrings@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [Question] Non-usage of PKEY_ID_PGP and PKEY_ID_X509 in module signing
Hi,
On Tue, Aug 26, 2025 at 11:58 AM Yunseong Kim <ysk@...lloc.com> wrote:
>
> Given that the module signature infrastructure seems hardcoded to use
> PKCS#7, could anyone clarify if PKEY_ID_PGP and PKEY_ID_X509 are used
> elsewhere in the kernel? Are they perhaps placeholders for future
> implementations or remnants of past ones?
If you search LKML archives, you'll find some past efforts to add PGP
signing support at least. The patches never ended up being merged
though. See the discussion here, for example:
https://lore.kernel.org/lkml/20220111180318.591029-1-roberto.sassu@huawei.com/
> If they are indeed unused and there are no plans to support them, would
> a patch to clean up these unused enum values be welcome? Or is there
> another reason for keeping them?
Perhaps the folks involved back then can chime in, but I'm fine with
removing these. I'm not sure how likely it is, but if someone at some
point makes a compelling case for supporting other key and signature
types, I'm sure they can add back the constants too.
Sami
Powered by blists - more mailing lists