Re: [PATCH] init/Kconfig: Support sign module with SM3 hash algorithm
From: Tianjia Zhang
Date: Wed Mar 24 2021 - 05:28:08 EST
Hi,
On 3/24/21 12:43 AM, Randy Dunlap wrote:
On 3/23/21 1:35 AM, Tianjia Zhang wrote:
The kernel module signature supports the option to use the SM3
secure hash (OSCCA GM/T 0004-2012 SM3).
Signed-off-by: Tianjia Zhang <tianjia.zhang@xxxxxxxxxxxxxxxxx>
---
Documentation/admin-guide/module-signing.rst | 5 +++--
crypto/asymmetric_keys/pkcs7_parser.c | 7 +++++++
init/Kconfig | 5 +++++
3 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/init/Kconfig b/init/Kconfig
index 5f5c776ef192..fed9236078e4 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -2202,6 +2202,10 @@ config MODULE_SIG_SHA512
bool "Sign modules with SHA-512"
select CRYPTO_SHA512
+config MODULE_SIG_SM3
+ bool "Sign modules with SM3"
+ select CRYPTO_SM3
+
endchoice
config MODULE_SIG_HASH
@@ -2212,6 +2216,7 @@ config MODULE_SIG_HASH
default "sha256" if MODULE_SIG_SHA256
default "sha384" if MODULE_SIG_SHA384
default "sha512" if MODULE_SIG_SHA512
+ default "sm3" if MODULE_SIG_SM3
config MODULE_COMPRESS
bool "Compress modules on installation"
checkpatch tells me:
WARNING: please write a paragraph that describes the config symbol fully
#74: FILE: init/Kconfig:2205:
+config MODULE_SIG_SM3
so yes, it should have some help text there.
thanks.
I noticed, but this is just a list of algorithms, this warning can be
ignored.
Best regards,
Tianjia