Re: [PATCH v2] module: sign with sha512 instead of sha1 by default

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Thorsten,

On Wed, Oct 16, 2024 at 7:18 AM Thorsten Leemhuis <linux@xxxxxxxxxxxxx> wrote:
>
> Switch away from using sha1 for module signing by default and use the
> more modern sha512 instead, which is what among others Arch, Fedora,
> RHEL, and Ubuntu are currently using for their kernels.
>
> Sha1 has not been considered secure against well-funded opponents since
> 2005[1]; since 2011 the NIST and other organizations furthermore
> recommended its replacement[2]. This is why OpenSSL on RHEL9, Fedora
> Linux 41+[3], and likely some other current and future distributions
> reject the creation of sha1 signatures, which leads to a build error of
> allmodconfig configurations:
>
>   80A20474797F0000:error:03000098:digital envelope routines:do_sigver_init:invalid digest:crypto/evp/m_sigver.c:342:
>   make[4]: *** [.../certs/Makefile:53: certs/signing_key.pem] Error 1
>   make[4]: *** Deleting file 'certs/signing_key.pem'
>   make[4]: *** Waiting for unfinished jobs....
>   make[3]: *** [.../scripts/Makefile.build:478: certs] Error 2
>   make[2]: *** [.../Makefile:1936: .] Error 2
>   make[1]: *** [.../Makefile:224: __sub-make] Error 2
>   make[1]: Leaving directory '...'
>   make: *** [Makefile:224: __sub-make] Error 2
>
> This change makes allmodconfig work again and sets a default that is
> more appropriate for current and future users, too.
>
> Link: https://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html [1]
> Link: https://csrc.nist.gov/projects/hash-functions [2]
> Link: https://fedoraproject.org/wiki/Changes/OpenSSLDistrustsha1SigVer [3]
> Signed-off-by: Thorsten Leemhuis <linux@xxxxxxxxxxxxx>
> ---
>
> v2:
> * use 'default MODULE_SIG_SHA512' in the "Hash algorithm to sign
>   modules" choice instead of resorting the entries there.
> * rewrite patch description
> * drop RFC tag
>
> v1: https://lore.kernel.org/all/42aa307d7ffae1851b4a8787f5c276dd0b3beece.1728543368.git.linux@xxxxxxxxxxxxx/
> ---
>  kernel/module/Kconfig | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/kernel/module/Kconfig b/kernel/module/Kconfig
> index 7c6588148d42d3..0c746a150e34e2 100644
> --- a/kernel/module/Kconfig
> +++ b/kernel/module/Kconfig
> @@ -231,6 +231,7 @@ comment "Do not forget to sign required modules with scripts/sign-file"
>  choice
>         prompt "Hash algorithm to sign modules"
>         depends on MODULE_SIG || IMA_APPRAISE_MODSIG
> +       default MODULE_SIG_SHA512
>         help
>           This determines which sort of hashing algorithm will be used during
>           signature generation.  This algorithm _must_ be built into the kernel

This looks good to me. Thank you for the patch!

Reviewed-by: Sami Tolvanen <samitolvanen@xxxxxxxxxx>

Sami





[Index of Archives]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux