On Thu, Oct 10, 2024 at 10:29 AM Sedat Dilek <sedat.dilek@xxxxxxxxx> wrote: > > On Thu, Oct 10, 2024 at 10:19 AM Thorsten Leemhuis <linux@xxxxxxxxxxxxx> wrote: > > > > On 10.10.24 09:00, Thorsten Leemhuis wrote: > > > Avoid build errors with allmodconfig on Fedora Linux 41+ by reordering > > > the Kconfig choices so modules are signed with sha512 by default. That > > > way sha1 will be avoided, which beforehand was chosen by default on > > > x86_64 when running allmodconfig -- which on the latest Fedora leads to > > > the following build error when building the certs/ directory: > > > [...] > > > Link: https://fedoraproject.org/wiki/Changes/OpenSSLDistrustsha1SigVer [1] > > > > Sorry, one search-and-replace went to far, this is meant to be: > > https://fedoraproject.org/wiki/Changes/OpenSSLDistrustSHA1SigVer > > > > Ciao, Thorsten > > > > Hi Thorsten, > > That was wrong in the original code which you moved: > > +config MODULE_SIG_SHA384 > + bool "SHA-384" > + select CRYPTO_SHA512 <--- SHA*384* > > BR, > -sed@- Thorsten, please fix it! -sed@- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/kernel/module/Kconfig#n249 https://git.kernel.org/linus/ea0b6dcf71d216dc11733ac19b26df0f5d0fd6c2
