diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2026-02-10 09:32:30 -0800 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2026-02-10 09:32:30 -0800 |
| commit | b63c90720348578631cda74285958c3ad3169ce9 (patch) | |
| tree | e79503d20dda1e113f6b369e46b4235a9b289694 /include/linux/moduleparam.h | |
| parent | 958f7fb68c6be4e2d9dcb5bf31bfe746f6744aa3 (diff) | |
| parent | 965e9a2cf23b066d8bdeb690dff9cd7089c5f667 (diff) | |
Merge tag 'keys-next-20260206' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
Pull keys update from David Howells:
"This adds support for ML-DSA signatures in X.509 certificates and
PKCS#7/CMS messages, thereby allowing this algorithm to be used for
signing modules, kexec'able binaries, wifi regulatory data, etc..
This requires OpenSSL-3.5 at a minimum and preferably OpenSSL-4 (so
that it can avoid the use of CMS signedAttrs - but that version is not
cut yet). certs/Kconfig does a check to hide the signing options if
OpenSSL does not list the algorithm as being available"
* tag 'keys-next-20260206' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs:
pkcs7: Change a pr_warn() to pr_warn_once()
pkcs7: Allow authenticatedAttributes for ML-DSA
modsign: Enable ML-DSA module signing
pkcs7, x509: Add ML-DSA support
pkcs7: Allow the signing algo to do whatever digestion it wants itself
pkcs7, x509: Rename ->digest to ->m
x509: Separately calculate sha256 for blacklist
crypto: Add ML-DSA crypto_sig support
Diffstat (limited to 'include/linux/moduleparam.h')
0 files changed, 0 insertions, 0 deletions