Re: [RFC PATCH v1] module: sign with sha512 by default to avoid build errors

From: Thorsten Leemhuis
Date: Thu Oct 10 2024 - 04:17:03 EST


On 10.10.24 09:00, Thorsten Leemhuis wrote:
> Avoid build errors with allmodconfig on Fedora Linux 41+ by reordering
> the Kconfig choices so modules are signed with sha512 by default. That
> way sha1 will be avoided, which beforehand was chosen by default on
> x86_64 when running allmodconfig -- which on the latest Fedora leads to
> the following build error when building the certs/ directory:
> [...]
> Link: https://fedoraproject.org/wiki/Changes/OpenSSLDistrustsha1SigVer [1]

Sorry, one search-and-replace went to far, this is meant to be:
https://fedoraproject.org/wiki/Changes/OpenSSLDistrustSHA1SigVer

Ciao, Thorsten