SHA-1 is considered deprecated and insecure due to vulnerabilities that can
lead to hash collisions. Most distributions have already been using SHA-2
for module signing because of this. The default was also changed last year
from SHA-1 to SHA-512 in f3b93547b91a ("module: sign with sha512 instead of
sha1 by default"). This was not reported to cause any issues. Therefore, it
now seems to be a good time to remove SHA-1 support for module signing.Looking at the configs of several distributions [1], it seems only Android still uses SHA-1 for module signing. @Sami, it this correct and is there a specific reason for using SHA-1? Note: The second patch has a minor conflict with the sign-file update in the series "lib/crypto: Add ML-DSA signing" [2]. [1] https://oracle.github.io/kconfigs/?config=UTS_RELEASE&config=MODULE_SIG_SHA1&version=be8f5f6abf0b0979be20ee8d9afa2a49a13500b8 [2] https://lore.kernel.org/linux-crypto/[email protected]/ Petr Pavlu (2): module: Remove SHA-1 support for module signing sign-file: Remove support for signing with PKCS#7 kernel/module/Kconfig | 5 ---- scripts/sign-file.c | 66 ++----------------------------------------- 2 files changed, 3 insertions(+), 68 deletions(-) base-commit: 4427259cc7f7571a157fbc9b5011e1ef6fe0a4a8 -- 2.51.1
