certs: Add support for using elliptic curve keys for signing modules - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Stefan Berger <[email protected]>	2021-06-29 17:34:21 -0400
committer	Jarkko Sakkinen <[email protected]>	2021-08-23 19:55:42 +0300
commit	a4aed36ed5924a05ecfadc470584188bfba2b928 (patch)
tree	fa716ef69d3f3ff29aeae2019b6c74164eac5557 /tools/testing/selftests/bpf/prog_tests/prog_array_init.c
parent	ea35e0d5df6c92fa2e124bb1b91d09b2240715ba (diff)

certs: Add support for using elliptic curve keys for signing modules

Add support for using elliptic curve keys for signing modules. It uses a NIST P384 (secp384r1) key if the user chooses an elliptic curve key and will have ECDSA support built into the kernel. Note: A developer choosing an ECDSA key for signing modules should still delete the signing key (rm certs/signing_key.*) when building an older version of a kernel that only supports RSA keys. Unless kbuild automati- cally detects and generates a new kernel module key, ECDSA-signed kernel modules will fail signature verification. Cc: David Howells <[email protected]> Cc: David Woodhouse <[email protected]> Signed-off-by: Stefan Berger <[email protected]> Reviewed-by: Jarkko Sakkinen <[email protected]> Tested-by: Jarkko Sakkinen <[email protected]> Signed-off-by: Jarkko Sakkinen <[email protected]>

Diffstat (limited to 'tools/testing/selftests/bpf/prog_tests/prog_array_init.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: