Djam/kernel-5.15
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/kernel-5.15.git synced 2025-02-24 02:52:55 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

CRYPTO_ECRDSA must be built in to load kernel keyring and modules

Browse source
This commit is contained in:
Mikhail Novosyolov 2020-03-15 13:15:38 +03:00
parent 663de86aea
commit 582758eb22
1 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
kernel.spec
View file

@ -11,7 +11,7 @@
%define sublevel 25
# Release number. Increase this before a rebuild.
%define rpmrel 2
%define rpmrel 3
%define fullrpmrel %{rpmrel}
%define rpmtag %{disttag}
@ -869,9 +869,12 @@ echo CONFIG_INIT_ON_FREE_DEFAULT_ON=y >> %{build_dir}/.config.append
# Here enabling only either only init_on_free or only init_on_alloc
# makes sense; init_on_alloc is not about protecting information.
# Keep Streebog crypto built-in to enable loading streebog-signed kernel modules
# Keep GOST crypto built-in to enable loading GOST-signed kernel modules
# and GOST keys from the kernel keyring
sed -i '/CONFIG_CRYPTO_STREEBOG/d' .config
echo 'CONFIG_CRYPTO_STREEBOG=y' >> %{build_dir}/.config.append
sed -i '/CONFIG_CRYPTO_ECRDSA/d' .config
echo 'CONFIG_CRYPTO_ECRDSA=y' >> %{build_dir}/.config.append
%endif
cat %{build_dir}/.config.append >> .config