On January 4, 2025 2:37 am, Luis Chamberlain wrote:
> On Wed, Dec 25, 2024 at 11:52:00PM +0100, Thomas Weißschuh wrote:
>> diff --git a/kernel/module/Kconfig b/kernel/module/Kconfig >> index 7b329057997ad2ec310133ca84617d9bfcdb7e9f..57d317a6fa444195d0806e6bd7a2af6e338a7f01 100644 >> --- a/kernel/module/Kconfig >> +++ b/kernel/module/Kconfig >> @@ -344,6 +344,17 @@ config MODULE_DECOMPRESS >> >> If unsure, say N. >> >> +config MODULE_HASHES >> + bool "Module hash validation" >> + depends on !MODULE_SIG
>
> Why are these mutually exclusive? Can't you want module signatures *and*
> this as well? What distro which is using module signatures would switch
> to this as an alternative instead? The help menu does not clarify any of
> this at all, and neither does the patch.

FWIW, I think we (Proxmox, a Debian derivative) would consider switching to MODULE_HASHES for the modules shipped with our kernel packages, once MODULE_HASHES does not conflict with user/MOK-signatures on DKMS- or manually-built modules. We do prefer reproducible builds, but extensibility via third-party modules is an important use case for us (and I expect many other more general-purpose distros).
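Review bot: the `depends on !MODULE_SIG` line under `config MODULE_HASHES` makes hash validation and module signature checking mutually exclusive, and nothing in the quoted lines says why. As the reply above notes, that rules out a configuration where the modules shipped with the kernel package are validated by hash while DKMS- or manually-built modules are still validated by a user/MOK signature. Either drop the dependency and describe how the two checks combine when both are enabled, or keep it and state the reason for the exclusion in the option's help text and in the commit message.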