Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp4405658pxf; Tue, 23 Mar 2021 09:48:11 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzNd8sAvMGSnsTDzNiWjs/mf2oZzX6RDjcrUQav7eHklsRPbdwrZM5nx9RZUXEYzvBKgEpH X-Received: by 2002:a17:907:2d89:: with SMTP id gt9mr5870893ejc.226.1616518091607; Tue, 23 Mar 2021 09:48:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1616518091; cv=none; d=google.com; s=arc-20160816; b=NLMnrd2mGJKZHRaK9aXOkLcaOR3tLxD0ssOIpWSymgHMMcnVVA6vnqLy+ia83JfW4D NdR9jD7BOEWDswoBMdomuxnusy2gnVUiwYiUFXj7UTbiQvyNYN9okO9zxeppkbaYstO3 GML2r4pvmcAWJy7bu/WAjxCSqvbJ7U+8G4BKFTuYRA2ez4LrDvqynM8TdhJns5Bfyu3g hEDW4Xf08vo2Z068vKa+Kx55G/mmZcDOg24c0Bk9N3hL0IM4yHNqATCN1tQPL1X+He/Z +uMUgrHmJKVGy6/jofLOwEe9bTBm4vreqNaMhJDzxcG3uxh+l3fji2ZrS6q9RSB1e8W5 ClTw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :to:subject:dkim-signature; bh=zzu/xcn7sghWXmeoDI7Yw3IsP/Ljt8YacCwRazpIVIs=; b=QowZqgqNieQnlEGmn+g79x9WkNoYJCur34Jl+KJKraMowsPHRFNUnAGRVljZO8tYpN 42CdhVgF8u2qOOfDNuvHjJ0L3Ojse4vfhyEbojhKIosBpCu0sTCMxrsHHBBCzh3IyS9i SLl79sh5fe7Z34J61yzuvE7KDvt9naapukgZubgZ50iHlhMd9AO1VN53Dy07RpLQinCV Ho+DDDUjZAp5mL+7ycmMwCLNdB3ynOtSLZWyKJ36EraaIsbKxagakppsP5PL/WUDGyFj ZDsQZ4vmKo2F0dV6Qxq0dWQDpMaylZvbaE+evX/otdH2Wcf08qvg1gJLm+Z1U6VAgwEt GGUw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b=FDBnzXOE; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id dm15si14912442ejc.270.2021.03.23.09.47.41; Tue, 23 Mar 2021 09:48:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b=FDBnzXOE; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233300AbhCWQpe (ORCPT + 99 others); Tue, 23 Mar 2021 12:45:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50444 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233299AbhCWQpM (ORCPT ); Tue, 23 Mar 2021 12:45:12 -0400 Received: from casper.infradead.org (casper.infradead.org [IPv6:2001:8b0:10b:1236::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C94C0C061574; Tue, 23 Mar 2021 09:45:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=Content-Transfer-Encoding:Content-Type: In-Reply-To:MIME-Version:Date:Message-ID:From:References:To:Subject:Sender: Reply-To:Cc:Content-ID:Content-Description; bh=zzu/xcn7sghWXmeoDI7Yw3IsP/Ljt8YacCwRazpIVIs=; b=FDBnzXOE4hpdcNK/uHISdHlTJL pE5bGCV+YPuJzn5Q0N336UFsRNRyt04ZEaeH4nomMbZFpqNXuYglGSmQmrqkd6siRDQEvi8oaKZOq OOk1zHPQoVuNA/AFJe6vzHkPxT21pKEzqX7IT8G559O61wUlqjGsil9VzzylhjwS2+nCogn/GrdUW NBM+rylskcYIC4aw80702/sRWJL4p/r9DdHJpZZ82V7+/uTAG442ynAPZJLyEz6edmTfEiv89QPVp Uotuxnt4XDlGObVV5DCbJ07ZRRVD0yCaOxAM1x4KoGBjrMr0GMBhv403zWmEXs4/3ZDFi3FGebj1f uT9HE14A==; Received: from [2601:1c0:6280:3f0::3ba4] by casper.infradead.org with esmtpsa (Exim 4.94 #2 (Red Hat Linux)) id 1lOk87-00AIWN-H4; Tue, 23 Mar 2021 16:44:04 +0000 Subject: Re: [PATCH] init/Kconfig: Support sign module with SM3 hash algorithm To: Tianjia Zhang , David Howells , David Woodhouse , Jonathan Corbet , Herbert Xu , "David S. Miller" , Masahiro Yamada , Andrew Morton , Nathan Chancellor , Kees Cook , Nick Desaulniers , Valentin Schneider , Nick Terrell , KP Singh , Johannes Weiner , Vlastimil Babka , keyrings@vger.kernel.org, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org, Jia Zhang References: <20210323083528.25678-1-tianjia.zhang@linux.alibaba.com> From: Randy Dunlap Message-ID: <28d3a339-6210-ffd2-950f-ea5340ac23b7@infradead.org> Date: Tue, 23 Mar 2021 09:43:35 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.0 MIME-Version: 1.0 In-Reply-To: <20210323083528.25678-1-tianjia.zhang@linux.alibaba.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 3/23/21 1:35 AM, Tianjia Zhang wrote: > The kernel module signature supports the option to use the SM3 > secure hash (OSCCA GM/T 0004-2012 SM3). > > Signed-off-by: Tianjia Zhang > --- > Documentation/admin-guide/module-signing.rst | 5 +++-- > crypto/asymmetric_keys/pkcs7_parser.c | 7 +++++++ > init/Kconfig | 5 +++++ > 3 files changed, 15 insertions(+), 2 deletions(-) > > diff --git a/init/Kconfig b/init/Kconfig > index 5f5c776ef192..fed9236078e4 100644 > --- a/init/Kconfig > +++ b/init/Kconfig > @@ -2202,6 +2202,10 @@ config MODULE_SIG_SHA512 > bool "Sign modules with SHA-512" > select CRYPTO_SHA512 > > +config MODULE_SIG_SM3 > + bool "Sign modules with SM3" > + select CRYPTO_SM3 > + > endchoice > > config MODULE_SIG_HASH > @@ -2212,6 +2216,7 @@ config MODULE_SIG_HASH > default "sha256" if MODULE_SIG_SHA256 > default "sha384" if MODULE_SIG_SHA384 > default "sha512" if MODULE_SIG_SHA512 > + default "sm3" if MODULE_SIG_SM3 > > config MODULE_COMPRESS > bool "Compress modules on installation" > checkpatch tells me: WARNING: please write a paragraph that describes the config symbol fully #74: FILE: init/Kconfig:2205: +config MODULE_SIG_SM3 so yes, it should have some help text there. thanks. -- ~Randy