On Thu, Oct 10, 2024 at 10:19 AM Thorsten Leemhuis <linux@xxxxxxxxxxxxx> wrote: > > On 10.10.24 09:00, Thorsten Leemhuis wrote: > > Avoid build errors with allmodconfig on Fedora Linux 41+ by reordering > > the Kconfig choices so modules are signed with sha512 by default. That > > way sha1 will be avoided, which beforehand was chosen by default on > > x86_64 when running allmodconfig -- which on the latest Fedora leads to > > the following build error when building the certs/ directory: > > [...] > > Link: https://fedoraproject.org/wiki/Changes/OpenSSLDistrustsha1SigVer [1] > > Sorry, one search-and-replace went to far, this is meant to be: > https://fedoraproject.org/wiki/Changes/OpenSSLDistrustSHA1SigVer > > Ciao, Thorsten > Hi Thorsten, That was wrong in the original code which you moved: +config MODULE_SIG_SHA384 + bool "SHA-384" + select CRYPTO_SHA512 <--- SHA*384* BR, -sed@-
