Hi,

On 3/24/21 12:43 AM, Randy Dunlap wrote:
On 3/23/21 1:35 AM, Tianjia Zhang wrote:
The kernel module signature supports the option to use the SM3
secure hash (OSCCA GM/T 0004-2012 SM3).

Signed-off-by: Tianjia Zhang <tianjia.zh...@linux.alibaba.com>
---
  Documentation/admin-guide/module-signing.rst | 5 +++--
  crypto/asymmetric_keys/pkcs7_parser.c        | 7 +++++++
  init/Kconfig                                 | 5 +++++
  3 files changed, 15 insertions(+), 2 deletions(-)


diff --git a/init/Kconfig b/init/Kconfig
index 5f5c776ef192..fed9236078e4 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -2202,6 +2202,10 @@ config MODULE_SIG_SHA512
        bool "Sign modules with SHA-512"
        select CRYPTO_SHA512
+config MODULE_SIG_SM3
+       bool "Sign modules with SM3"
+       select CRYPTO_SM3
+
  endchoice
config MODULE_SIG_HASH
@@ -2212,6 +2216,7 @@ config MODULE_SIG_HASH
        default "sha256" if MODULE_SIG_SHA256
        default "sha384" if MODULE_SIG_SHA384
        default "sha512" if MODULE_SIG_SHA512
+       default "sm3" if MODULE_SIG_SM3
config MODULE_COMPRESS
        bool "Compress modules on installation"


checkpatch tells me:

WARNING: please write a paragraph that describes the config symbol fully
#74: FILE: init/Kconfig:2205:
+config MODULE_SIG_SM3


so yes, it should have some help text there.

thanks.


I noticed, but this is just a list of algorithms, this warning can be ignored.

Best regards,
Tianjia

Reply via email to