1 files changed, 68 insertions, 0 deletions
diff --git a/init/Kconfig b/init/Kconfig
index 89e4cf672dfe..6fdd6e339326 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -1574,6 +1574,66 @@ config MODULE_SRCVERSION_ALL
          the version).  With this option, such a "srcversion" field
          will be created for all modules.  If unsure, say N.
+config MODULE_SIG
+        bool "Module signature verification"
+        depends on MODULES
+        select KEYS
+        select CRYPTO
+        select ASYMMETRIC_KEY_TYPE
+        select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+        select PUBLIC_KEY_ALGO_RSA
+        select ASN1
+        select OID_REGISTRY
+        select X509_CERTIFICATE_PARSER
+        help
+          Check modules for valid signatures upon load: the signature
+          is simply appended to the module. For more information see
+          Documentation/module-signing.txt.
+          !!!WARNING!!!  If you enable this option, you MUST make sure that the
+          module DOES NOT get stripped after being signed.  This includes the
+          debuginfo strip done by some packagers (such as rpmbuild) and
+          inclusion into an initramfs that wants the module size reduced.
+config MODULE_SIG_FORCE
+        bool "Require modules to be validly signed"
+        depends on MODULE_SIG
+        help
+          Reject unsigned modules or signed modules for which we don't have a
+          key.  Without this, such modules will simply taint the kernel.
+choice
+        prompt "Which hash algorithm should modules be signed with?"
+        depends on MODULE_SIG
+        help
+          This determines which sort of hashing algorithm will be used during
+          signature generation.  This algorithm _must_ be built into the kernel
+          directly so that signature verification can take place.  It is not
+          possible to load a signed module containing the algorithm to check
+          the signature on that module.
+config MODULE_SIG_SHA1
+        bool "Sign modules with SHA-1"
+        select CRYPTO_SHA1
+config MODULE_SIG_SHA224
+        bool "Sign modules with SHA-224"
+        select CRYPTO_SHA256
+config MODULE_SIG_SHA256
+        bool "Sign modules with SHA-256"
+        select CRYPTO_SHA256
+config MODULE_SIG_SHA384
+        bool "Sign modules with SHA-384"
+        select CRYPTO_SHA512
+config MODULE_SIG_SHA512
+        bool "Sign modules with SHA-512"
+        select CRYPTO_SHA512
+endchoice
 endif # MODULES
 config INIT_ALL_POSSIBLE
@@ -1607,4 +1667,12 @@ config PADATA
 config BROKEN_RODATA
        bool
+config ASN1
+        tristate
+        help
+          Build a simple ASN.1 grammar compiler that produces a bytecode output
+          that can be interpreted by the ASN.1 stream decoder and used to
+          inform it as to what tags are to be expected in a stream and what
+          functions to call on what tags.
 source "kernel/Kconfig.locks"

diff --git a/init/Kconfig b/init/Kconfig index 89e4cf672dfe..6fdd6e339326 100644 --- a/init/Kconfig +++ b/init/Kconfig
@@ -1574,6 +1574,66 @@ config MODULE_SRCVERSION_ALL
1574	the version). With this option, such a "srcversion" field	1574	the version). With this option, such a "srcversion" field
1575	will be created for all modules. If unsure, say N.	1575	will be created for all modules. If unsure, say N.
1576		1576
		1577	config MODULE_SIG
		1578	bool "Module signature verification"
		1579	depends on MODULES
		1580	select KEYS
		1581	select CRYPTO
		1582	select ASYMMETRIC_KEY_TYPE
		1583	select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
		1584	select PUBLIC_KEY_ALGO_RSA
		1585	select ASN1
		1586	select OID_REGISTRY
		1587	select X509_CERTIFICATE_PARSER
		1588	help
		1589	Check modules for valid signatures upon load: the signature
		1590	is simply appended to the module. For more information see
		1591	Documentation/module-signing.txt.
		1592
		1593	!!!WARNING!!! If you enable this option, you MUST make sure that the
		1594	module DOES NOT get stripped after being signed. This includes the
		1595	debuginfo strip done by some packagers (such as rpmbuild) and
		1596	inclusion into an initramfs that wants the module size reduced.
		1597
		1598	config MODULE_SIG_FORCE
		1599	bool "Require modules to be validly signed"
		1600	depends on MODULE_SIG
		1601	help
		1602	Reject unsigned modules or signed modules for which we don't have a
		1603	key. Without this, such modules will simply taint the kernel.
		1604
		1605	choice
		1606	prompt "Which hash algorithm should modules be signed with?"
		1607	depends on MODULE_SIG
		1608	help
		1609	This determines which sort of hashing algorithm will be used during
		1610	signature generation. This algorithm _must_ be built into the kernel
		1611	directly so that signature verification can take place. It is not
		1612	possible to load a signed module containing the algorithm to check
		1613	the signature on that module.
		1614
		1615	config MODULE_SIG_SHA1
		1616	bool "Sign modules with SHA-1"
		1617	select CRYPTO_SHA1
		1618
		1619	config MODULE_SIG_SHA224
		1620	bool "Sign modules with SHA-224"
		1621	select CRYPTO_SHA256
		1622
		1623	config MODULE_SIG_SHA256
		1624	bool "Sign modules with SHA-256"
		1625	select CRYPTO_SHA256
		1626
		1627	config MODULE_SIG_SHA384
		1628	bool "Sign modules with SHA-384"
		1629	select CRYPTO_SHA512
		1630
		1631	config MODULE_SIG_SHA512
		1632	bool "Sign modules with SHA-512"
		1633	select CRYPTO_SHA512
		1634
		1635	endchoice
		1636
1577	endif # MODULES	1637	endif # MODULES
1578		1638
1579	config INIT_ALL_POSSIBLE	1639	config INIT_ALL_POSSIBLE
@@ -1607,4 +1667,12 @@ config PADATA
1607	config BROKEN_RODATA	1667	config BROKEN_RODATA
1608	bool	1668	bool
1609		1669
		1670	config ASN1
		1671	tristate
		1672	help
		1673	Build a simple ASN.1 grammar compiler that produces a bytecode output
		1674	that can be interpreted by the ASN.1 stream decoder and used to
		1675	inform it as to what tags are to be expected in a stream and what
		1676	functions to call on what tags.
		1677
1610	source "kernel/Kconfig.locks"	1678	source "kernel/Kconfig.locks"