Re: [PATCH v2 1/2] certs: Trigger creation of RSA module signing key if it's... | linux-security-module

[PATCH v2 0/2] Add support for ECDSA-signed kernel modules · Stefan Berger <stefanb@linux.ibm.com> · 2021-04-08
[PATCH v2 2/2] certs: Add support for using elliptic curve keys for signing modules · Stefan Berger <stefanb@linux.ibm.com> · 2021-04-08
Re: [PATCH v2 2/2] certs: Add support for using elliptic curve keys for signing modules · Mimi Zohar <zohar@linux.ibm.com> · 2021-04-08
Re: [PATCH v2 2/2] certs: Add support for using elliptic curve keys for signing modules · Jessica Yu <jeyu@kernel.org> · 2021-04-20
Re: [PATCH v2 2/2] certs: Add support for using elliptic curve keys for signing modules · Stefan Berger <stefanb@linux.ibm.com> · 2021-04-20
Re: [PATCH v2 2/2] certs: Add support for using elliptic curve keys for signing modules · Jessica Yu <jeyu@kernel.org> · 2021-04-21
Re: [PATCH v2 2/2] certs: Add support for using elliptic curve keys for signing modules · Stefan Berger <stefanb@linux.ibm.com> · 2021-04-21
Re: [PATCH v2 2/2] certs: Add support for using elliptic curve keys for signing modules · Jessica Yu <jeyu@kernel.org> · 2021-04-21
[PATCH v2 1/2] certs: Trigger creation of RSA module signing key if it's not an RSA key · Stefan Berger <stefanb@linux.ibm.com> · 2021-04-08
Re: [PATCH v2 1/2] certs: Trigger creation of RSA module signing key if it's not an RSA key · Mimi Zohar <zohar@linux.ibm.com> · 2021-04-08
Re: [PATCH v2 1/2] certs: Trigger creation of RSA module signing key if it's not an RSA key · Stefan Berger <stefanb@linux.ibm.com> · 2021-04-08
Re: [PATCH v2 1/2] certs: Trigger creation of RSA module signing key if it's not an RSA key · Mimi Zohar <zohar@linux.ibm.com> · 2021-04-08

Re: [PATCH v2 1/2] certs: Trigger creation of RSA module signing key if it's not an RSA key

From: Stefan Berger <stefanb@linux.ibm.com>
Date: 2021-04-08 19:19:50
Also in: keyrings, linux-integrity, lkml

On 4/8/21 1:15 PM, Mimi Zohar wrote:

On Thu, 2021-04-08 at 11:24 -0400, Stefan Berger wrote:

quoted

Address a kbuild issue where a developer created an ECDSA key for signing
kernel modules and then builds an older version of the kernel, when bi-
secting the kernel for example, that does not support ECDSA keys.

Trigger the creation of an RSA module signing key if it is not an RSA key.

Fixes: cfc411e7fff3 ("Move certificate handling to its own directory")
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

Thanks, Stefan.

Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>

Via which tree will this go upstream? keyrings?


    Stefan

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help