samsung_sm8750/android_kernel_samsung_sm8750
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Revert "module: sign with sha512 instead of sha1 by default"

Browse Source 
This reverts commit 247395cbec which is
commit f3b93547b91ad849b58eb5ab2dd070950ad7beb3 upstream.

It breaks the Android kernel build as BoringSSL can only sign with SHA1
for this Android branch, and we do not want to break the ABI by changing
the module signing process in this stable kernel branch.

It was only added upstream by Greg to get his ARM64 stable builds to
compile properly on the latest version of Fedora, which did NOT like to
sign with SHA1, so blame him :)

Bug: 161946584
Change-Id: I4901a37dd9ac4bdd54a712331e1288053f0d9fb9
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
This commit is contained in:
Greg Kroah-Hartman
2025-05-05 14:03:19 +00:00
parent c92ac69873
commit 112728ca64
1 changed files with 0 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
kernel/module/Kconfig
View File

@@ -256,7 +256,6 @@ comment "Do not forget to sign required modules with scripts/sign-file"
choice choice
prompt "Which hash algorithm should modules be signed with?" prompt "Which hash algorithm should modules be signed with?"
depends on MODULE_SIG || IMA_APPRAISE_MODSIG depends on MODULE_SIG || IMA_APPRAISE_MODSIG
default MODULE_SIG_SHA512
help help
This determines which sort of hashing algorithm will be used during This determines which sort of hashing algorithm will be used during
signature generation. This algorithm _must_ be built into the kernel signature generation. This algorithm _must_ be built into the kernel