Re: [PATCH] init/Kconfig: Support sign module with SM3 hash algorithm
From: Randy Dunlap
Date: Tue Mar 23 2021 - 12:46:06 EST
On 3/23/21 1:35 AM, Tianjia Zhang wrote:
> The kernel module signature supports the option to use the SM3
> secure hash (OSCCA GM/T 0004-2012 SM3).
>
> Signed-off-by: Tianjia Zhang <tianjia.zhang@xxxxxxxxxxxxxxxxx>
> ---
> Documentation/admin-guide/module-signing.rst | 5 +++--
> crypto/asymmetric_keys/pkcs7_parser.c | 7 +++++++
> init/Kconfig | 5 +++++
> 3 files changed, 15 insertions(+), 2 deletions(-)
>
> diff --git a/init/Kconfig b/init/Kconfig
> index 5f5c776ef192..fed9236078e4 100644
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -2202,6 +2202,10 @@ config MODULE_SIG_SHA512
> bool "Sign modules with SHA-512"
> select CRYPTO_SHA512
>
> +config MODULE_SIG_SM3
> + bool "Sign modules with SM3"
> + select CRYPTO_SM3
> +
> endchoice
>
> config MODULE_SIG_HASH
> @@ -2212,6 +2216,7 @@ config MODULE_SIG_HASH
> default "sha256" if MODULE_SIG_SHA256
> default "sha384" if MODULE_SIG_SHA384
> default "sha512" if MODULE_SIG_SHA512
> + default "sm3" if MODULE_SIG_SM3
>
> config MODULE_COMPRESS
> bool "Compress modules on installation"
>
checkpatch tells me:
WARNING: please write a paragraph that describes the config symbol fully
#74: FILE: init/Kconfig:2205:
+config MODULE_SIG_SM3
so yes, it should have some help text there.
thanks.
--
~Randy