On 7/28/23 03:04, Sven Schnelle wrote:
> A build failure was reported when sha256() is not present:
>
> gcc-13.1.0-nolibc/s390-linux/bin/s390-linux-ld: arch/s390/kernel/cert_store.o: in function `check_certificate_hash':
> arch/s390/kernel/cert_store.c:267: undefined reference to `sha256'
>
> Therefore make CONFIG_CERT_STORE select CRYPTO_LIB_SHA256.
>
> Fixes: 8cf57d7217c3 ("s390: add support for user-defined certificates")
> Reported-by: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
> Closes: https://lore.kernel.org/all/8ecb57fb-4560-bdfc-9e55-63e3b0937132@xxxxxxxxxxxxx/
> Signed-off-by: Sven Schnelle <svens@xxxxxxxxxxxxx>
Sorry for the delay.
Tested-by: Randy Dunlap <rdunlap@xxxxxxxxxxxxx> # build-tested
Acked-by: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
Thanks.
> ---
> arch/s390/Kconfig | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig
> index d9d50a7a2016..18bf754e1fad 100644
> --- a/arch/s390/Kconfig
> +++ b/arch/s390/Kconfig
> @@ -516,6 +516,7 @@ config KEXEC_SIG
> config CERT_STORE
> bool "Get user certificates via DIAG320"
> depends on KEYS
> + select CRYPTO_LIB_SHA256
> help
> Enable this option if you want to access user-provided secure boot
> certificates via DIAG 0x320.
--
~Randy
