This bug is awaiting verification that the linux- aws-6.5/6.5.0-1008.8~22.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux- aws-6.5' to 'verification-done-jammy-linux-aws-6.5'. If the problem still exists, change the tag 'verification-needed-jammy-linux-aws-6.5' to 'verification-failed-jammy-linux-aws-6.5'.
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: kernel-spammed-jammy-linux-aws-6.5-v2 verification-needed-jammy-linux-aws-6.5 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2034061 Title: Default module signing algo should be accelerated Status in linux package in Ubuntu: Fix Released Bug description: [ Impact ] * Slow secureboot due to unoptimized signature verification algo [ Test Plan ] * Check config enforcement: If CONFIG_MODULE_SIG_(ALG)=y, then CONFIG_CRYPTO_(ALG)* should be =y as well [ Where problems could occur ] * Very old hardware incapable of a given optimisation will not gain from having optimised algo built-in [ Other Info ] * Full details Default module signing algo should be accelerated Default crypto signing algorithm for kernel modules, all its accelerated versions, should be built-in. This is to allow secureboot of accelerated machines to boot as quickly as possible when verifying each module signature. For example: given CONFIG_MODULE_SIG_SHA512=y All of CONFIG_CRYPTO_SHA512 policy<{'amd64': 'y', 'arm64': 'y', 'armhf': 'y', 'ppc64el': 'y', 'riscv64': 'y', 's390x': 'y'}> CONFIG_CRYPTO_SHA512 note<'module signing'> CONFIG_CRYPTO_SHA512_ARM policy<{'armhf': 'm'}> CONFIG_CRYPTO_SHA512_ARM64 policy<{'arm64': 'm'}> CONFIG_CRYPTO_SHA512_ARM64_CE policy<{'arm64': 'm'}> CONFIG_CRYPTO_SHA512_S390 policy<{'s390x': 'm'}> CONFIG_CRYPTO_SHA512_SSSE3 policy<{'amd64': 'm'}> Should be =y on secureboot platforms. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2034061/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
