modules: Enable MODULE_SIG and MODULE_SIG_SHA256
...but not MODULE_SIG_ALL as signatures will be packaged separately
This commit is contained in:
parent
7321950826
commit
c955e35c32
|
@ -10,6 +10,9 @@ linux (4.5-1~exp2) UNRELEASED; urgency=medium
|
|||
(Closes: #550379, #573483, #816500)
|
||||
* Add Matthew Garrett's securelevel patchset in preparation for Secure Boot
|
||||
support (see Documentation/security/securelevel.txt)
|
||||
* modules: Enable MODULE_SIG and MODULE_SIG_SHA256, but not MODULE_SIG_ALL
|
||||
as signatures will be packaged separately
|
||||
- debian/control: Add build-dependency on libssl-dev
|
||||
|
||||
-- Ben Hutchings <ben@decadent.org.uk> Fri, 25 Mar 2016 13:43:57 +0000
|
||||
|
||||
|
|
|
@ -672,6 +672,7 @@ CONFIG_ORION_WATCHDOG=m
|
|||
# CONFIG_CHECKPOINT_RESTORE is not set
|
||||
CONFIG_CC_OPTIMIZE_FOR_SIZE=y
|
||||
# CONFIG_PROFILING is not set
|
||||
# CONFIG_MODULE_SIG is not set
|
||||
|
||||
##
|
||||
## file: kernel/power/Kconfig
|
||||
|
|
|
@ -55,11 +55,6 @@ CONFIG_EFI_PARTITION=y
|
|||
# CONFIG_SYSV68_PARTITION is not set
|
||||
# CONFIG_CMDLINE_PARTITION is not set
|
||||
|
||||
##
|
||||
## file: certs/Kconfig
|
||||
##
|
||||
# CONFIG_SYSTEM_TRUSTED_KEYRING is not set
|
||||
|
||||
##
|
||||
## file: crypto/Kconfig
|
||||
##
|
||||
|
@ -5585,8 +5580,14 @@ CONFIG_MODULE_UNLOAD=y
|
|||
CONFIG_MODULE_FORCE_UNLOAD=y
|
||||
CONFIG_MODVERSIONS=y
|
||||
# CONFIG_MODULE_SRCVERSION_ALL is not set
|
||||
#. Not yet
|
||||
# CONFIG_MODULE_SIG is not set
|
||||
CONFIG_MODULE_SIG=y
|
||||
#. Signature validation is a run-time option
|
||||
# CONFIG_MODULE_SIG_FORCE is not set
|
||||
#. Signatures are added in linux-signed
|
||||
# CONFIG_MODULE_SIG_ALL is not set
|
||||
## choice: Which hash algorithm should modules be signed with?
|
||||
CONFIG_MODULE_SIG_SHA256=y
|
||||
## end choice
|
||||
# CONFIG_MODULE_COMPRESS is not set
|
||||
|
||||
##
|
||||
|
|
|
@ -4,7 +4,7 @@ Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
|
|||
Uploaders: Bastian Blank <waldi@debian.org>, maximilian attems <maks@debian.org>, Ben Hutchings <ben@decadent.org.uk>
|
||||
Standards-Version: 3.9.5
|
||||
Build-Depends: debhelper, python3:any, quilt,
|
||||
cpio <!stage1>, kmod <!stage1>, xz-utils <!stage1>, kernel-wedge (>= 2.93~) <!stage1>, bc <!stage1>,
|
||||
cpio <!stage1>, kmod <!stage1>, xz-utils <!stage1>, kernel-wedge (>= 2.93~) <!stage1>, bc <!stage1>, libssl-dev <!stage1>, openssl <!stage1>,
|
||||
asciidoc <!stage1>, bison <!stage1>, flex <!stage1>, gcc-multilib [amd64 ppc64 s390x sparc64] <!stage1>, libaudit-dev <!stage1>, libdw-dev <!stage1>, libelf-dev <!stage1>, libiberty-dev <!stage1> | binutils-dev (<< 2.23.91.20131123-1) <!stage1>, libnewt-dev <!stage1>, libnuma-dev [amd64 arm64 hppa i386 mips mips64 mips64el mipsel powerpc powerpcspe ppc64 ppc64el sparc x32] <!stage1>, libperl-dev <!stage1>, libunwind8-dev [amd64 armel armhf arm64 i386] <!stage1>, python-dev <!stage1>, xmlto <!stage1>,
|
||||
autoconf <!stage1>, automake <!stage1>, libtool <!stage1>, libglib2.0-dev <!stage1>, libudev-dev <!stage1>, libwrap0-dev <!stage1>, libpci-dev <!stage1>,
|
||||
dh-python <!stage1>, dh-systemd <!stage1>
|
||||
|
|
Loading…
Reference in New Issue