mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-09 18:45:54 +02:00
kernel: enable and enforce signed kernel modules
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This commit is contained in:
Arne Fitzenreiter
@@ -1,6 +1,6 @@
|
||||
#
|
||||
# Automatically generated file; DO NOT EDIT.
|
||||
# Linux/arm64 4.14.154-ipfire Kernel Configuration
|
||||
# Linux/arm64 4.14.166-ipfire Kernel Configuration
|
||||
#
|
||||
CONFIG_ARM64=y
|
||||
CONFIG_64BIT=y
|
||||
@@ -221,7 +221,7 @@ CONFIG_SLAB_MERGE_DEFAULT=y
|
||||
CONFIG_SLAB_FREELIST_RANDOM=y
|
||||
CONFIG_SLAB_FREELIST_HARDENED=y
|
||||
CONFIG_SLUB_CPU_PARTIAL=y
|
||||
# CONFIG_SYSTEM_DATA_VERIFICATION is not set
|
||||
CONFIG_SYSTEM_DATA_VERIFICATION=y
|
||||
# CONFIG_PROFILING is not set
|
||||
CONFIG_TRACEPOINTS=y
|
||||
# CONFIG_KPROBES is not set
|
||||
@@ -306,7 +306,15 @@ CONFIG_MODULE_UNLOAD=y
|
||||
# CONFIG_MODULE_FORCE_UNLOAD is not set
|
||||
CONFIG_MODVERSIONS=y
|
||||
CONFIG_MODULE_SRCVERSION_ALL=y
|
||||
# CONFIG_MODULE_SIG is not set
|
||||
CONFIG_MODULE_SIG=y
|
||||
CONFIG_MODULE_SIG_FORCE=y
|
||||
CONFIG_MODULE_SIG_ALL=y
|
||||
# CONFIG_MODULE_SIG_SHA1 is not set
|
||||
# CONFIG_MODULE_SIG_SHA224 is not set
|
||||
# CONFIG_MODULE_SIG_SHA256 is not set
|
||||
# CONFIG_MODULE_SIG_SHA384 is not set
|
||||
CONFIG_MODULE_SIG_SHA512=y
|
||||
CONFIG_MODULE_SIG_HASH="sha512"
|
||||
CONFIG_MODULE_COMPRESS=y
|
||||
# CONFIG_MODULE_COMPRESS_GZIP is not set
|
||||
CONFIG_MODULE_COMPRESS_XZ=y
|
||||
@@ -369,6 +377,7 @@ CONFIG_MQ_IOSCHED_KYBER=y
|
||||
CONFIG_IOSCHED_BFQ=y
|
||||
CONFIG_BFQ_GROUP_IOSCHED=y
|
||||
CONFIG_PADATA=y
|
||||
CONFIG_ASN1=y
|
||||
CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
|
||||
CONFIG_INLINE_READ_UNLOCK=y
|
||||
CONFIG_INLINE_READ_UNLOCK_IRQ=y
|
||||
@@ -2065,6 +2074,7 @@ CONFIG_ACENIC=m
|
||||
# CONFIG_ACENIC_OMIT_TIGON_I is not set
|
||||
CONFIG_ALTERA_TSE=m
|
||||
CONFIG_NET_VENDOR_AMAZON=y
|
||||
CONFIG_ENA_ETHERNET=m
|
||||
CONFIG_NET_VENDOR_AMD=y
|
||||
CONFIG_AMD8111_ETH=m
|
||||
CONFIG_PCNET32=m
|
||||
@@ -6609,6 +6619,7 @@ CONFIG_CRYPTO=y
|
||||
#
|
||||
# Crypto core or helper
|
||||
#
|
||||
# CONFIG_CRYPTO_FIPS is not set
|
||||
CONFIG_CRYPTO_ALGAPI=y
|
||||
CONFIG_CRYPTO_ALGAPI2=y
|
||||
CONFIG_CRYPTO_AEAD=y
|
||||
@@ -6621,10 +6632,11 @@ CONFIG_CRYPTO_RNG=y
|
||||
CONFIG_CRYPTO_RNG2=y
|
||||
CONFIG_CRYPTO_RNG_DEFAULT=y
|
||||
CONFIG_CRYPTO_AKCIPHER2=y
|
||||
CONFIG_CRYPTO_AKCIPHER=y
|
||||
CONFIG_CRYPTO_KPP2=y
|
||||
CONFIG_CRYPTO_KPP=m
|
||||
CONFIG_CRYPTO_ACOMP2=y
|
||||
# CONFIG_CRYPTO_RSA is not set
|
||||
CONFIG_CRYPTO_RSA=y
|
||||
# CONFIG_CRYPTO_DH is not set
|
||||
CONFIG_CRYPTO_ECDH=m
|
||||
CONFIG_CRYPTO_MANAGER=y
|
||||
@@ -6741,6 +6753,7 @@ CONFIG_CRYPTO_USER_API_HASH=y
|
||||
CONFIG_CRYPTO_USER_API_SKCIPHER=y
|
||||
# CONFIG_CRYPTO_USER_API_RNG is not set
|
||||
# CONFIG_CRYPTO_USER_API_AEAD is not set
|
||||
CONFIG_CRYPTO_HASH_INFO=y
|
||||
CONFIG_CRYPTO_HW=y
|
||||
# CONFIG_CRYPTO_DEV_MARVELL_CESA is not set
|
||||
# CONFIG_CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC is not set
|
||||
@@ -6751,11 +6764,21 @@ CONFIG_CRYPTO_DEV_ROCKCHIP=y
|
||||
# CONFIG_CRYPTO_DEV_CHELSIO is not set
|
||||
CONFIG_CRYPTO_DEV_VIRTIO=m
|
||||
# CONFIG_CRYPTO_DEV_SAFEXCEL is not set
|
||||
# CONFIG_ASYMMETRIC_KEY_TYPE is not set
|
||||
CONFIG_ASYMMETRIC_KEY_TYPE=y
|
||||
CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y
|
||||
CONFIG_X509_CERTIFICATE_PARSER=y
|
||||
CONFIG_PKCS7_MESSAGE_PARSER=y
|
||||
CONFIG_PKCS7_TEST_KEY=m
|
||||
# CONFIG_SIGNED_PE_FILE_VERIFICATION is not set
|
||||
|
||||
#
|
||||
# Certificates for signature checking
|
||||
#
|
||||
CONFIG_MODULE_SIG_KEY="certs/signing_key.pem"
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
|
||||
# CONFIG_SECONDARY_TRUSTED_KEYRING is not set
|
||||
# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
|
||||
# CONFIG_ARM64_CRYPTO is not set
|
||||
CONFIG_BINARY_PRINTF=y
|
||||
@@ -6831,11 +6854,13 @@ CONFIG_DQL=y
|
||||
CONFIG_GLOB=y
|
||||
# CONFIG_GLOB_SELFTEST is not set
|
||||
CONFIG_NLATTR=y
|
||||
CONFIG_CLZ_TAB=y
|
||||
CONFIG_CORDIC=m
|
||||
CONFIG_DDR=y
|
||||
CONFIG_IRQ_POLL=y
|
||||
CONFIG_MPILIB=y
|
||||
CONFIG_LIBFDT=y
|
||||
CONFIG_OID_REGISTRY=m
|
||||
CONFIG_OID_REGISTRY=y
|
||||
CONFIG_UCS2_STRING=y
|
||||
CONFIG_FONT_SUPPORT=y
|
||||
# CONFIG_FONTS is not set
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
#
|
||||
# Automatically generated file; DO NOT EDIT.
|
||||
# Linux/arm 4.14.154-ipfire-multi Kernel Configuration
|
||||
# Linux/arm 4.14.166-ipfire-multi Kernel Configuration
|
||||
#
|
||||
CONFIG_ARM=y
|
||||
CONFIG_ARM_HAS_SG_CHAIN=y
|
||||
@@ -218,7 +218,7 @@ CONFIG_SLAB_MERGE_DEFAULT=y
|
||||
CONFIG_SLAB_FREELIST_RANDOM=y
|
||||
CONFIG_SLAB_FREELIST_HARDENED=y
|
||||
CONFIG_SLUB_CPU_PARTIAL=y
|
||||
# CONFIG_SYSTEM_DATA_VERIFICATION is not set
|
||||
CONFIG_SYSTEM_DATA_VERIFICATION=y
|
||||
# CONFIG_PROFILING is not set
|
||||
CONFIG_TRACEPOINTS=y
|
||||
CONFIG_HAVE_OPROFILE=y
|
||||
@@ -301,7 +301,15 @@ CONFIG_MODULE_UNLOAD=y
|
||||
# CONFIG_MODULE_FORCE_UNLOAD is not set
|
||||
CONFIG_MODVERSIONS=y
|
||||
CONFIG_MODULE_SRCVERSION_ALL=y
|
||||
# CONFIG_MODULE_SIG is not set
|
||||
CONFIG_MODULE_SIG=y
|
||||
CONFIG_MODULE_SIG_FORCE=y
|
||||
CONFIG_MODULE_SIG_ALL=y
|
||||
# CONFIG_MODULE_SIG_SHA1 is not set
|
||||
# CONFIG_MODULE_SIG_SHA224 is not set
|
||||
# CONFIG_MODULE_SIG_SHA256 is not set
|
||||
# CONFIG_MODULE_SIG_SHA384 is not set
|
||||
CONFIG_MODULE_SIG_SHA512=y
|
||||
CONFIG_MODULE_SIG_HASH="sha512"
|
||||
CONFIG_MODULE_COMPRESS=y
|
||||
# CONFIG_MODULE_COMPRESS_GZIP is not set
|
||||
CONFIG_MODULE_COMPRESS_XZ=y
|
||||
@@ -363,6 +371,7 @@ CONFIG_MQ_IOSCHED_KYBER=y
|
||||
CONFIG_IOSCHED_BFQ=y
|
||||
CONFIG_BFQ_GROUP_IOSCHED=y
|
||||
CONFIG_PADATA=y
|
||||
CONFIG_ASN1=y
|
||||
CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
|
||||
CONFIG_INLINE_READ_UNLOCK=y
|
||||
CONFIG_INLINE_READ_UNLOCK_IRQ=y
|
||||
@@ -2333,6 +2342,7 @@ CONFIG_ACENIC=m
|
||||
# CONFIG_ACENIC_OMIT_TIGON_I is not set
|
||||
CONFIG_ALTERA_TSE=m
|
||||
CONFIG_NET_VENDOR_AMAZON=y
|
||||
CONFIG_ENA_ETHERNET=m
|
||||
CONFIG_NET_VENDOR_AMD=y
|
||||
CONFIG_AMD8111_ETH=m
|
||||
CONFIG_PCNET32=m
|
||||
@@ -7045,7 +7055,6 @@ CONFIG_ARM_UNWIND=y
|
||||
CONFIG_OLD_MCOUNT=y
|
||||
# CONFIG_DEBUG_USER is not set
|
||||
# CONFIG_DEBUG_LL is not set
|
||||
CONFIG_DEBUG_IMX_UART_PORT=1
|
||||
CONFIG_DEBUG_LL_INCLUDE="mach/debug-macro.S"
|
||||
# CONFIG_DEBUG_UART_8250 is not set
|
||||
CONFIG_UNCOMPRESS_INCLUDE="debug/uncompress.h"
|
||||
@@ -7092,6 +7101,7 @@ CONFIG_CRYPTO=y
|
||||
#
|
||||
# Crypto core or helper
|
||||
#
|
||||
# CONFIG_CRYPTO_FIPS is not set
|
||||
CONFIG_CRYPTO_ALGAPI=y
|
||||
CONFIG_CRYPTO_ALGAPI2=y
|
||||
CONFIG_CRYPTO_AEAD=y
|
||||
@@ -7104,10 +7114,11 @@ CONFIG_CRYPTO_RNG=y
|
||||
CONFIG_CRYPTO_RNG2=y
|
||||
CONFIG_CRYPTO_RNG_DEFAULT=y
|
||||
CONFIG_CRYPTO_AKCIPHER2=y
|
||||
CONFIG_CRYPTO_AKCIPHER=y
|
||||
CONFIG_CRYPTO_KPP2=y
|
||||
CONFIG_CRYPTO_KPP=m
|
||||
CONFIG_CRYPTO_ACOMP2=y
|
||||
# CONFIG_CRYPTO_RSA is not set
|
||||
CONFIG_CRYPTO_RSA=y
|
||||
# CONFIG_CRYPTO_DH is not set
|
||||
CONFIG_CRYPTO_ECDH=m
|
||||
CONFIG_CRYPTO_MANAGER=y
|
||||
@@ -7224,6 +7235,7 @@ CONFIG_CRYPTO_USER_API_HASH=y
|
||||
CONFIG_CRYPTO_USER_API_SKCIPHER=y
|
||||
# CONFIG_CRYPTO_USER_API_RNG is not set
|
||||
# CONFIG_CRYPTO_USER_API_AEAD is not set
|
||||
CONFIG_CRYPTO_HASH_INFO=y
|
||||
CONFIG_CRYPTO_HW=y
|
||||
CONFIG_CRYPTO_DEV_MV_CESA=m
|
||||
# CONFIG_CRYPTO_DEV_MARVELL_CESA is not set
|
||||
@@ -7242,11 +7254,21 @@ CONFIG_CRYPTO_DEV_SUN4I_SS=y
|
||||
CONFIG_CRYPTO_DEV_SUN4I_SS_PRNG=y
|
||||
CONFIG_CRYPTO_DEV_ROCKCHIP=y
|
||||
# CONFIG_CRYPTO_DEV_CHELSIO is not set
|
||||
# CONFIG_ASYMMETRIC_KEY_TYPE is not set
|
||||
CONFIG_ASYMMETRIC_KEY_TYPE=y
|
||||
CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y
|
||||
CONFIG_X509_CERTIFICATE_PARSER=y
|
||||
CONFIG_PKCS7_MESSAGE_PARSER=y
|
||||
CONFIG_PKCS7_TEST_KEY=m
|
||||
# CONFIG_SIGNED_PE_FILE_VERIFICATION is not set
|
||||
|
||||
#
|
||||
# Certificates for signature checking
|
||||
#
|
||||
CONFIG_MODULE_SIG_KEY="certs/signing_key.pem"
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
|
||||
# CONFIG_SECONDARY_TRUSTED_KEYRING is not set
|
||||
# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
|
||||
CONFIG_ARM_CRYPTO=y
|
||||
CONFIG_CRYPTO_SHA1_ARM=m
|
||||
@@ -7327,11 +7349,13 @@ CONFIG_GLOB=y
|
||||
# CONFIG_GLOB_SELFTEST is not set
|
||||
CONFIG_NLATTR=y
|
||||
CONFIG_GENERIC_ATOMIC64=y
|
||||
CONFIG_CLZ_TAB=y
|
||||
CONFIG_CORDIC=m
|
||||
CONFIG_DDR=y
|
||||
CONFIG_IRQ_POLL=y
|
||||
CONFIG_MPILIB=y
|
||||
CONFIG_LIBFDT=y
|
||||
CONFIG_OID_REGISTRY=m
|
||||
CONFIG_OID_REGISTRY=y
|
||||
CONFIG_FONT_SUPPORT=y
|
||||
# CONFIG_FONTS is not set
|
||||
CONFIG_FONT_8x8=y
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
#
|
||||
# Automatically generated file; DO NOT EDIT.
|
||||
# Linux/x86 4.14.154-ipfire-pae Kernel Configuration
|
||||
# Linux/x86 4.14.170-ipfire Kernel Configuration
|
||||
#
|
||||
# CONFIG_64BIT is not set
|
||||
CONFIG_X86_32=y
|
||||
@@ -233,7 +233,7 @@ CONFIG_SLAB_MERGE_DEFAULT=y
|
||||
CONFIG_SLAB_FREELIST_RANDOM=y
|
||||
CONFIG_SLAB_FREELIST_HARDENED=y
|
||||
CONFIG_SLUB_CPU_PARTIAL=y
|
||||
# CONFIG_SYSTEM_DATA_VERIFICATION is not set
|
||||
CONFIG_SYSTEM_DATA_VERIFICATION=y
|
||||
# CONFIG_PROFILING is not set
|
||||
CONFIG_TRACEPOINTS=y
|
||||
CONFIG_HOTPLUG_SMT=y
|
||||
@@ -334,7 +334,15 @@ CONFIG_MODULE_UNLOAD=y
|
||||
# CONFIG_MODULE_FORCE_UNLOAD is not set
|
||||
CONFIG_MODVERSIONS=y
|
||||
CONFIG_MODULE_SRCVERSION_ALL=y
|
||||
# CONFIG_MODULE_SIG is not set
|
||||
CONFIG_MODULE_SIG=y
|
||||
CONFIG_MODULE_SIG_FORCE=y
|
||||
CONFIG_MODULE_SIG_ALL=y
|
||||
# CONFIG_MODULE_SIG_SHA1 is not set
|
||||
# CONFIG_MODULE_SIG_SHA224 is not set
|
||||
# CONFIG_MODULE_SIG_SHA256 is not set
|
||||
# CONFIG_MODULE_SIG_SHA384 is not set
|
||||
CONFIG_MODULE_SIG_SHA512=y
|
||||
CONFIG_MODULE_SIG_HASH="sha512"
|
||||
CONFIG_MODULE_COMPRESS=y
|
||||
# CONFIG_MODULE_COMPRESS_GZIP is not set
|
||||
CONFIG_MODULE_COMPRESS_XZ=y
|
||||
@@ -398,7 +406,7 @@ CONFIG_IOSCHED_BFQ=y
|
||||
CONFIG_BFQ_GROUP_IOSCHED=y
|
||||
CONFIG_PREEMPT_NOTIFIERS=y
|
||||
CONFIG_PADATA=y
|
||||
CONFIG_ASN1=m
|
||||
CONFIG_ASN1=y
|
||||
CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
|
||||
CONFIG_INLINE_READ_UNLOCK=y
|
||||
CONFIG_INLINE_READ_UNLOCK_IRQ=y
|
||||
@@ -6703,6 +6711,7 @@ CONFIG_DOUBLEFAULT=y
|
||||
# CONFIG_DEBUG_TLBFLUSH is not set
|
||||
# CONFIG_IOMMU_STRESS is not set
|
||||
CONFIG_HAVE_MMIOTRACE_SUPPORT=y
|
||||
# CONFIG_X86_DECODER_SELFTEST is not set
|
||||
CONFIG_IO_DELAY_TYPE_0X80=0
|
||||
CONFIG_IO_DELAY_TYPE_0XED=1
|
||||
CONFIG_IO_DELAY_TYPE_UDELAY=2
|
||||
@@ -6766,6 +6775,7 @@ CONFIG_CRYPTO=y
|
||||
#
|
||||
# Crypto core or helper
|
||||
#
|
||||
# CONFIG_CRYPTO_FIPS is not set
|
||||
CONFIG_CRYPTO_ALGAPI=y
|
||||
CONFIG_CRYPTO_ALGAPI2=y
|
||||
CONFIG_CRYPTO_AEAD=y
|
||||
@@ -6778,11 +6788,11 @@ CONFIG_CRYPTO_RNG=y
|
||||
CONFIG_CRYPTO_RNG2=y
|
||||
CONFIG_CRYPTO_RNG_DEFAULT=y
|
||||
CONFIG_CRYPTO_AKCIPHER2=y
|
||||
CONFIG_CRYPTO_AKCIPHER=m
|
||||
CONFIG_CRYPTO_AKCIPHER=y
|
||||
CONFIG_CRYPTO_KPP2=y
|
||||
CONFIG_CRYPTO_KPP=m
|
||||
CONFIG_CRYPTO_ACOMP2=y
|
||||
CONFIG_CRYPTO_RSA=m
|
||||
CONFIG_CRYPTO_RSA=y
|
||||
CONFIG_CRYPTO_DH=m
|
||||
CONFIG_CRYPTO_ECDH=m
|
||||
CONFIG_CRYPTO_MANAGER=y
|
||||
@@ -6851,7 +6861,7 @@ CONFIG_CRYPTO_RMD256=m
|
||||
CONFIG_CRYPTO_RMD320=m
|
||||
CONFIG_CRYPTO_SHA1=y
|
||||
CONFIG_CRYPTO_SHA256=y
|
||||
CONFIG_CRYPTO_SHA512=m
|
||||
CONFIG_CRYPTO_SHA512=y
|
||||
CONFIG_CRYPTO_SHA3=m
|
||||
CONFIG_CRYPTO_TGR192=m
|
||||
CONFIG_CRYPTO_WP512=m
|
||||
@@ -6908,6 +6918,7 @@ CONFIG_CRYPTO_USER_API_HASH=y
|
||||
CONFIG_CRYPTO_USER_API_SKCIPHER=y
|
||||
CONFIG_CRYPTO_USER_API_RNG=m
|
||||
CONFIG_CRYPTO_USER_API_AEAD=m
|
||||
CONFIG_CRYPTO_HASH_INFO=y
|
||||
CONFIG_CRYPTO_HW=y
|
||||
CONFIG_CRYPTO_DEV_PADLOCK=m
|
||||
CONFIG_CRYPTO_DEV_PADLOCK_AES=m
|
||||
@@ -6928,11 +6939,21 @@ CONFIG_CRYPTO_DEV_QAT_C3XXXVF=m
|
||||
CONFIG_CRYPTO_DEV_QAT_C62XVF=m
|
||||
CONFIG_CRYPTO_DEV_CHELSIO=m
|
||||
CONFIG_CRYPTO_DEV_VIRTIO=m
|
||||
# CONFIG_ASYMMETRIC_KEY_TYPE is not set
|
||||
CONFIG_ASYMMETRIC_KEY_TYPE=y
|
||||
CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y
|
||||
CONFIG_X509_CERTIFICATE_PARSER=y
|
||||
CONFIG_PKCS7_MESSAGE_PARSER=y
|
||||
CONFIG_PKCS7_TEST_KEY=m
|
||||
# CONFIG_SIGNED_PE_FILE_VERIFICATION is not set
|
||||
|
||||
#
|
||||
# Certificates for signature checking
|
||||
#
|
||||
CONFIG_MODULE_SIG_KEY="certs/signing_key.pem"
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
|
||||
# CONFIG_SECONDARY_TRUSTED_KEYRING is not set
|
||||
# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
|
||||
CONFIG_HAVE_KVM=y
|
||||
CONFIG_HAVE_KVM_IRQCHIP=y
|
||||
@@ -7040,8 +7061,8 @@ CONFIG_CLZ_TAB=y
|
||||
CONFIG_CORDIC=m
|
||||
# CONFIG_DDR is not set
|
||||
CONFIG_IRQ_POLL=y
|
||||
CONFIG_MPILIB=m
|
||||
CONFIG_OID_REGISTRY=m
|
||||
CONFIG_MPILIB=y
|
||||
CONFIG_OID_REGISTRY=y
|
||||
CONFIG_UCS2_STRING=y
|
||||
CONFIG_FONT_SUPPORT=y
|
||||
# CONFIG_FONTS is not set
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
#
|
||||
# Automatically generated file; DO NOT EDIT.
|
||||
# Linux/x86 4.14.154-ipfire-pae Kernel Configuration
|
||||
# Linux/x86 4.14.170-ipfire-pae Kernel Configuration
|
||||
#
|
||||
# CONFIG_64BIT is not set
|
||||
CONFIG_X86_32=y
|
||||
@@ -233,7 +233,7 @@ CONFIG_SLAB_MERGE_DEFAULT=y
|
||||
CONFIG_SLAB_FREELIST_RANDOM=y
|
||||
CONFIG_SLAB_FREELIST_HARDENED=y
|
||||
CONFIG_SLUB_CPU_PARTIAL=y
|
||||
# CONFIG_SYSTEM_DATA_VERIFICATION is not set
|
||||
CONFIG_SYSTEM_DATA_VERIFICATION=y
|
||||
# CONFIG_PROFILING is not set
|
||||
CONFIG_TRACEPOINTS=y
|
||||
CONFIG_HOTPLUG_SMT=y
|
||||
@@ -335,7 +335,15 @@ CONFIG_MODULE_UNLOAD=y
|
||||
# CONFIG_MODULE_FORCE_UNLOAD is not set
|
||||
CONFIG_MODVERSIONS=y
|
||||
CONFIG_MODULE_SRCVERSION_ALL=y
|
||||
# CONFIG_MODULE_SIG is not set
|
||||
CONFIG_MODULE_SIG=y
|
||||
CONFIG_MODULE_SIG_FORCE=y
|
||||
CONFIG_MODULE_SIG_ALL=y
|
||||
# CONFIG_MODULE_SIG_SHA1 is not set
|
||||
# CONFIG_MODULE_SIG_SHA224 is not set
|
||||
# CONFIG_MODULE_SIG_SHA256 is not set
|
||||
# CONFIG_MODULE_SIG_SHA384 is not set
|
||||
CONFIG_MODULE_SIG_SHA512=y
|
||||
CONFIG_MODULE_SIG_HASH="sha512"
|
||||
CONFIG_MODULE_COMPRESS=y
|
||||
# CONFIG_MODULE_COMPRESS_GZIP is not set
|
||||
CONFIG_MODULE_COMPRESS_XZ=y
|
||||
@@ -399,7 +407,7 @@ CONFIG_IOSCHED_BFQ=y
|
||||
CONFIG_BFQ_GROUP_IOSCHED=y
|
||||
CONFIG_PREEMPT_NOTIFIERS=y
|
||||
CONFIG_PADATA=y
|
||||
CONFIG_ASN1=m
|
||||
CONFIG_ASN1=y
|
||||
CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
|
||||
CONFIG_INLINE_READ_UNLOCK=y
|
||||
CONFIG_INLINE_READ_UNLOCK_IRQ=y
|
||||
@@ -6709,6 +6717,7 @@ CONFIG_DOUBLEFAULT=y
|
||||
# CONFIG_DEBUG_TLBFLUSH is not set
|
||||
# CONFIG_IOMMU_STRESS is not set
|
||||
CONFIG_HAVE_MMIOTRACE_SUPPORT=y
|
||||
# CONFIG_X86_DECODER_SELFTEST is not set
|
||||
CONFIG_IO_DELAY_TYPE_0X80=0
|
||||
CONFIG_IO_DELAY_TYPE_0XED=1
|
||||
CONFIG_IO_DELAY_TYPE_UDELAY=2
|
||||
@@ -6772,6 +6781,7 @@ CONFIG_CRYPTO=y
|
||||
#
|
||||
# Crypto core or helper
|
||||
#
|
||||
# CONFIG_CRYPTO_FIPS is not set
|
||||
CONFIG_CRYPTO_ALGAPI=y
|
||||
CONFIG_CRYPTO_ALGAPI2=y
|
||||
CONFIG_CRYPTO_AEAD=y
|
||||
@@ -6784,11 +6794,11 @@ CONFIG_CRYPTO_RNG=y
|
||||
CONFIG_CRYPTO_RNG2=y
|
||||
CONFIG_CRYPTO_RNG_DEFAULT=y
|
||||
CONFIG_CRYPTO_AKCIPHER2=y
|
||||
CONFIG_CRYPTO_AKCIPHER=m
|
||||
CONFIG_CRYPTO_AKCIPHER=y
|
||||
CONFIG_CRYPTO_KPP2=y
|
||||
CONFIG_CRYPTO_KPP=m
|
||||
CONFIG_CRYPTO_ACOMP2=y
|
||||
CONFIG_CRYPTO_RSA=m
|
||||
CONFIG_CRYPTO_RSA=y
|
||||
CONFIG_CRYPTO_DH=m
|
||||
CONFIG_CRYPTO_ECDH=m
|
||||
CONFIG_CRYPTO_MANAGER=y
|
||||
@@ -6857,7 +6867,7 @@ CONFIG_CRYPTO_RMD256=m
|
||||
CONFIG_CRYPTO_RMD320=m
|
||||
CONFIG_CRYPTO_SHA1=y
|
||||
CONFIG_CRYPTO_SHA256=y
|
||||
CONFIG_CRYPTO_SHA512=m
|
||||
CONFIG_CRYPTO_SHA512=y
|
||||
CONFIG_CRYPTO_SHA3=m
|
||||
CONFIG_CRYPTO_TGR192=m
|
||||
CONFIG_CRYPTO_WP512=m
|
||||
@@ -6914,6 +6924,7 @@ CONFIG_CRYPTO_USER_API_HASH=y
|
||||
CONFIG_CRYPTO_USER_API_SKCIPHER=y
|
||||
CONFIG_CRYPTO_USER_API_RNG=m
|
||||
CONFIG_CRYPTO_USER_API_AEAD=m
|
||||
CONFIG_CRYPTO_HASH_INFO=y
|
||||
CONFIG_CRYPTO_HW=y
|
||||
CONFIG_CRYPTO_DEV_PADLOCK=m
|
||||
CONFIG_CRYPTO_DEV_PADLOCK_AES=m
|
||||
@@ -6933,11 +6944,21 @@ CONFIG_CRYPTO_DEV_QAT_C3XXXVF=m
|
||||
CONFIG_CRYPTO_DEV_QAT_C62XVF=m
|
||||
CONFIG_CRYPTO_DEV_CHELSIO=m
|
||||
CONFIG_CRYPTO_DEV_VIRTIO=m
|
||||
# CONFIG_ASYMMETRIC_KEY_TYPE is not set
|
||||
CONFIG_ASYMMETRIC_KEY_TYPE=y
|
||||
CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y
|
||||
CONFIG_X509_CERTIFICATE_PARSER=y
|
||||
CONFIG_PKCS7_MESSAGE_PARSER=y
|
||||
CONFIG_PKCS7_TEST_KEY=m
|
||||
# CONFIG_SIGNED_PE_FILE_VERIFICATION is not set
|
||||
|
||||
#
|
||||
# Certificates for signature checking
|
||||
#
|
||||
CONFIG_MODULE_SIG_KEY="certs/signing_key.pem"
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
|
||||
# CONFIG_SECONDARY_TRUSTED_KEYRING is not set
|
||||
# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
|
||||
CONFIG_HAVE_KVM=y
|
||||
CONFIG_HAVE_KVM_IRQCHIP=y
|
||||
@@ -7045,8 +7066,8 @@ CONFIG_CLZ_TAB=y
|
||||
CONFIG_CORDIC=m
|
||||
# CONFIG_DDR is not set
|
||||
CONFIG_IRQ_POLL=y
|
||||
CONFIG_MPILIB=m
|
||||
CONFIG_OID_REGISTRY=m
|
||||
CONFIG_MPILIB=y
|
||||
CONFIG_OID_REGISTRY=y
|
||||
CONFIG_UCS2_STRING=y
|
||||
CONFIG_FONT_SUPPORT=y
|
||||
# CONFIG_FONTS is not set
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
#
|
||||
# Automatically generated file; DO NOT EDIT.
|
||||
# Linux/x86 4.14.154-ipfire Kernel Configuration
|
||||
# Linux/x86 4.14.170-ipfire Kernel Configuration
|
||||
#
|
||||
CONFIG_64BIT=y
|
||||
CONFIG_X86_64=y
|
||||
@@ -242,7 +242,7 @@ CONFIG_SLAB_MERGE_DEFAULT=y
|
||||
CONFIG_SLAB_FREELIST_RANDOM=y
|
||||
CONFIG_SLAB_FREELIST_HARDENED=y
|
||||
CONFIG_SLUB_CPU_PARTIAL=y
|
||||
# CONFIG_SYSTEM_DATA_VERIFICATION is not set
|
||||
CONFIG_SYSTEM_DATA_VERIFICATION=y
|
||||
# CONFIG_PROFILING is not set
|
||||
CONFIG_TRACEPOINTS=y
|
||||
CONFIG_HOTPLUG_SMT=y
|
||||
@@ -354,7 +354,15 @@ CONFIG_MODULE_UNLOAD=y
|
||||
# CONFIG_MODULE_FORCE_UNLOAD is not set
|
||||
CONFIG_MODVERSIONS=y
|
||||
CONFIG_MODULE_SRCVERSION_ALL=y
|
||||
# CONFIG_MODULE_SIG is not set
|
||||
CONFIG_MODULE_SIG=y
|
||||
CONFIG_MODULE_SIG_FORCE=y
|
||||
CONFIG_MODULE_SIG_ALL=y
|
||||
# CONFIG_MODULE_SIG_SHA1 is not set
|
||||
# CONFIG_MODULE_SIG_SHA224 is not set
|
||||
# CONFIG_MODULE_SIG_SHA256 is not set
|
||||
# CONFIG_MODULE_SIG_SHA384 is not set
|
||||
CONFIG_MODULE_SIG_SHA512=y
|
||||
CONFIG_MODULE_SIG_HASH="sha512"
|
||||
CONFIG_MODULE_COMPRESS=y
|
||||
# CONFIG_MODULE_COMPRESS_GZIP is not set
|
||||
CONFIG_MODULE_COMPRESS_XZ=y
|
||||
@@ -418,7 +426,7 @@ CONFIG_IOSCHED_BFQ=y
|
||||
CONFIG_BFQ_GROUP_IOSCHED=y
|
||||
CONFIG_PREEMPT_NOTIFIERS=y
|
||||
CONFIG_PADATA=y
|
||||
CONFIG_ASN1=m
|
||||
CONFIG_ASN1=y
|
||||
CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
|
||||
CONFIG_INLINE_READ_UNLOCK=y
|
||||
CONFIG_INLINE_READ_UNLOCK_IRQ=y
|
||||
@@ -6565,6 +6573,7 @@ CONFIG_DOUBLEFAULT=y
|
||||
# CONFIG_DEBUG_TLBFLUSH is not set
|
||||
# CONFIG_IOMMU_STRESS is not set
|
||||
CONFIG_HAVE_MMIOTRACE_SUPPORT=y
|
||||
# CONFIG_X86_DECODER_SELFTEST is not set
|
||||
CONFIG_IO_DELAY_TYPE_0X80=0
|
||||
CONFIG_IO_DELAY_TYPE_0XED=1
|
||||
CONFIG_IO_DELAY_TYPE_UDELAY=2
|
||||
@@ -6630,6 +6639,7 @@ CONFIG_CRYPTO=y
|
||||
#
|
||||
# Crypto core or helper
|
||||
#
|
||||
# CONFIG_CRYPTO_FIPS is not set
|
||||
CONFIG_CRYPTO_ALGAPI=y
|
||||
CONFIG_CRYPTO_ALGAPI2=y
|
||||
CONFIG_CRYPTO_AEAD=y
|
||||
@@ -6642,11 +6652,11 @@ CONFIG_CRYPTO_RNG=y
|
||||
CONFIG_CRYPTO_RNG2=y
|
||||
CONFIG_CRYPTO_RNG_DEFAULT=y
|
||||
CONFIG_CRYPTO_AKCIPHER2=y
|
||||
CONFIG_CRYPTO_AKCIPHER=m
|
||||
CONFIG_CRYPTO_AKCIPHER=y
|
||||
CONFIG_CRYPTO_KPP2=y
|
||||
CONFIG_CRYPTO_KPP=m
|
||||
CONFIG_CRYPTO_ACOMP2=y
|
||||
CONFIG_CRYPTO_RSA=m
|
||||
CONFIG_CRYPTO_RSA=y
|
||||
CONFIG_CRYPTO_DH=m
|
||||
CONFIG_CRYPTO_ECDH=m
|
||||
CONFIG_CRYPTO_MANAGER=y
|
||||
@@ -6723,7 +6733,7 @@ CONFIG_CRYPTO_SHA1_MB=m
|
||||
CONFIG_CRYPTO_SHA256_MB=m
|
||||
CONFIG_CRYPTO_SHA512_MB=m
|
||||
CONFIG_CRYPTO_SHA256=y
|
||||
CONFIG_CRYPTO_SHA512=m
|
||||
CONFIG_CRYPTO_SHA512=y
|
||||
CONFIG_CRYPTO_SHA3=m
|
||||
CONFIG_CRYPTO_TGR192=m
|
||||
CONFIG_CRYPTO_WP512=m
|
||||
@@ -6793,6 +6803,7 @@ CONFIG_CRYPTO_USER_API_HASH=y
|
||||
CONFIG_CRYPTO_USER_API_SKCIPHER=y
|
||||
CONFIG_CRYPTO_USER_API_RNG=m
|
||||
CONFIG_CRYPTO_USER_API_AEAD=m
|
||||
CONFIG_CRYPTO_HASH_INFO=y
|
||||
CONFIG_CRYPTO_HW=y
|
||||
CONFIG_CRYPTO_DEV_PADLOCK=m
|
||||
CONFIG_CRYPTO_DEV_PADLOCK_AES=m
|
||||
@@ -6813,11 +6824,21 @@ CONFIG_CRYPTO_DEV_NITROX=m
|
||||
CONFIG_CRYPTO_DEV_NITROX_CNN55XX=m
|
||||
CONFIG_CRYPTO_DEV_CHELSIO=m
|
||||
CONFIG_CRYPTO_DEV_VIRTIO=m
|
||||
# CONFIG_ASYMMETRIC_KEY_TYPE is not set
|
||||
CONFIG_ASYMMETRIC_KEY_TYPE=y
|
||||
CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y
|
||||
CONFIG_X509_CERTIFICATE_PARSER=y
|
||||
CONFIG_PKCS7_MESSAGE_PARSER=y
|
||||
# CONFIG_PKCS7_TEST_KEY is not set
|
||||
# CONFIG_SIGNED_PE_FILE_VERIFICATION is not set
|
||||
|
||||
#
|
||||
# Certificates for signature checking
|
||||
#
|
||||
CONFIG_MODULE_SIG_KEY="certs/signing_key.pem"
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
|
||||
# CONFIG_SECONDARY_TRUSTED_KEYRING is not set
|
||||
# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
|
||||
CONFIG_HAVE_KVM=y
|
||||
CONFIG_HAVE_KVM_IRQCHIP=y
|
||||
@@ -6925,8 +6946,8 @@ CONFIG_CLZ_TAB=y
|
||||
CONFIG_CORDIC=m
|
||||
# CONFIG_DDR is not set
|
||||
CONFIG_IRQ_POLL=y
|
||||
CONFIG_MPILIB=m
|
||||
CONFIG_OID_REGISTRY=m
|
||||
CONFIG_MPILIB=y
|
||||
CONFIG_OID_REGISTRY=y
|
||||
CONFIG_UCS2_STRING=y
|
||||
CONFIG_FONT_SUPPORT=y
|
||||
# CONFIG_FONTS is not set
|
||||
|
||||
17
config/kernel/x509.genkey
Normal file
17
config/kernel/x509.genkey
Normal file
@@ -0,0 +1,17 @@
|
||||
[ req ]
|
||||
default_bits = 4096
|
||||
distinguished_name = req_distinguished_name
|
||||
prompt = no
|
||||
string_mask = utf8only
|
||||
x509_extensions = myexts
|
||||
|
||||
[ req_distinguished_name ]
|
||||
O = IPFire.org
|
||||
CN = Build time autogenerated kernel key
|
||||
emailAddress = development@lists.ipfire.org
|
||||
|
||||
[ myexts ]
|
||||
basicConstraints=critical,CA:FALSE
|
||||
keyUsage=digitalSignature
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid
|
||||
@@ -2092,6 +2092,8 @@ etc/modprobe.d/ipv6.conf
|
||||
#lib/modules/KVER-ipfire/build/certs
|
||||
#lib/modules/KVER-ipfire/build/certs/Kconfig
|
||||
#lib/modules/KVER-ipfire/build/certs/Makefile
|
||||
#lib/modules/KVER-ipfire/build/certs/signing_key.pem
|
||||
#lib/modules/KVER-ipfire/build/certs/signing_key.x509
|
||||
#lib/modules/KVER-ipfire/build/crypto
|
||||
#lib/modules/KVER-ipfire/build/crypto/Kconfig
|
||||
#lib/modules/KVER-ipfire/build/crypto/Makefile
|
||||
@@ -6198,6 +6200,12 @@ etc/modprobe.d/ipv6.conf
|
||||
#lib/modules/KVER-ipfire/build/include/config/asus/nb/wmi.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/asus/wireless.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/asus/wmi.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/asymmetric
|
||||
#lib/modules/KVER-ipfire/build/include/config/asymmetric/key
|
||||
#lib/modules/KVER-ipfire/build/include/config/asymmetric/key/type.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/asymmetric/public
|
||||
#lib/modules/KVER-ipfire/build/include/config/asymmetric/public/key
|
||||
#lib/modules/KVER-ipfire/build/include/config/asymmetric/public/key/subtype.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/async
|
||||
#lib/modules/KVER-ipfire/build/include/config/async/core.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/async/memcpy.h
|
||||
@@ -6853,7 +6861,9 @@ etc/modprobe.d/ipv6.conf
|
||||
#lib/modules/KVER-ipfire/build/include/config/crypto/glue
|
||||
#lib/modules/KVER-ipfire/build/include/config/crypto/glue/helper
|
||||
#lib/modules/KVER-ipfire/build/include/config/crypto/glue/helper/x86.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/crypto/hash
|
||||
#lib/modules/KVER-ipfire/build/include/config/crypto/hash.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/crypto/hash/info.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/crypto/hash2.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/crypto/hmac.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/crypto/hw.h
|
||||
@@ -9077,6 +9087,13 @@ etc/modprobe.d/ipv6.conf
|
||||
#lib/modules/KVER-ipfire/build/include/config/module/compress
|
||||
#lib/modules/KVER-ipfire/build/include/config/module/compress.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/module/compress/xz.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/module/sig
|
||||
#lib/modules/KVER-ipfire/build/include/config/module/sig.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/module/sig/all.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/module/sig/force.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/module/sig/hash.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/module/sig/key.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/module/sig/sha512.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/module/srcversion
|
||||
#lib/modules/KVER-ipfire/build/include/config/module/srcversion/all.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/module/unload.h
|
||||
@@ -10008,6 +10025,11 @@ etc/modprobe.d/ipv6.conf
|
||||
#lib/modules/KVER-ipfire/build/include/config/pinctrl/lewisburg.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/pinctrl/mcp23s08.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/pinmux.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/pkcs7
|
||||
#lib/modules/KVER-ipfire/build/include/config/pkcs7/message
|
||||
#lib/modules/KVER-ipfire/build/include/config/pkcs7/message/parser.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/pkcs7/test
|
||||
#lib/modules/KVER-ipfire/build/include/config/pkcs7/test/key.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/plx
|
||||
#lib/modules/KVER-ipfire/build/include/config/plx/hermes.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/pm
|
||||
@@ -11265,6 +11287,12 @@ etc/modprobe.d/ipv6.conf
|
||||
#lib/modules/KVER-ipfire/build/include/config/sysfs
|
||||
#lib/modules/KVER-ipfire/build/include/config/sysfs.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/sysfs/syscall.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/system
|
||||
#lib/modules/KVER-ipfire/build/include/config/system/data
|
||||
#lib/modules/KVER-ipfire/build/include/config/system/data/verification.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/system/trusted
|
||||
#lib/modules/KVER-ipfire/build/include/config/system/trusted/keyring.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/system/trusted/keys.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/sysvipc
|
||||
#lib/modules/KVER-ipfire/build/include/config/sysvipc.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/sysvipc/sysctl.h
|
||||
@@ -12118,6 +12146,9 @@ etc/modprobe.d/ipv6.conf
|
||||
#lib/modules/KVER-ipfire/build/include/config/wlcore/sdio.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/wmi
|
||||
#lib/modules/KVER-ipfire/build/include/config/wmi/bmof.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/x509
|
||||
#lib/modules/KVER-ipfire/build/include/config/x509/certificate
|
||||
#lib/modules/KVER-ipfire/build/include/config/x509/certificate/parser.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/x86
|
||||
#lib/modules/KVER-ipfire/build/include/config/x86.h
|
||||
#lib/modules/KVER-ipfire/build/include/config/x86/32
|
||||
@@ -17577,6 +17608,7 @@ etc/modprobe.d/ipv6.conf
|
||||
#lib/modules/KVER-ipfire/build/scripts/dtc/util.h
|
||||
#lib/modules/KVER-ipfire/build/scripts/dtc/version_gen.h
|
||||
#lib/modules/KVER-ipfire/build/scripts/export_report.pl
|
||||
#lib/modules/KVER-ipfire/build/scripts/extract-cert
|
||||
#lib/modules/KVER-ipfire/build/scripts/extract-cert.c
|
||||
#lib/modules/KVER-ipfire/build/scripts/extract-ikconfig
|
||||
#lib/modules/KVER-ipfire/build/scripts/extract-module-sig.pl
|
||||
@@ -17758,6 +17790,7 @@ etc/modprobe.d/ipv6.conf
|
||||
#lib/modules/KVER-ipfire/build/scripts/selinux/mdp/mdp.c
|
||||
#lib/modules/KVER-ipfire/build/scripts/setlocalversion
|
||||
#lib/modules/KVER-ipfire/build/scripts/show_delta
|
||||
#lib/modules/KVER-ipfire/build/scripts/sign-file
|
||||
#lib/modules/KVER-ipfire/build/scripts/sign-file.c
|
||||
#lib/modules/KVER-ipfire/build/scripts/sortextable
|
||||
#lib/modules/KVER-ipfire/build/scripts/sortextable.c
|
||||
@@ -18485,6 +18518,8 @@ lib/modules/KVER-ipfire/kernel
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/ansi_cprng.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/anubis.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/arc4.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/asymmetric_keys
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/asymmetric_keys/pkcs7_test_key.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/async_tx
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/async_tx/async_memcpy.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/async_tx/async_pq.ko.xz
|
||||
@@ -18527,12 +18562,10 @@ lib/modules/KVER-ipfire/kernel
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/rmd160.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/rmd256.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/rmd320.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/rsa_generic.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/salsa20_generic.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/seed.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/serpent_generic.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/sha3_generic.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/sha512_generic.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/tcrypt.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/tea.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/crypto/tgr192.ko.xz
|
||||
@@ -21202,7 +21235,6 @@ lib/modules/KVER-ipfire/kernel
|
||||
#lib/modules/KVER-ipfire/kernel/lib/842
|
||||
#lib/modules/KVER-ipfire/kernel/lib/842/842_compress.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/lib/842/842_decompress.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/lib/asn1_decoder.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/lib/cordic.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/lib/crc-itu-t.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/lib/crc7.ko.xz
|
||||
@@ -21212,9 +21244,6 @@ lib/modules/KVER-ipfire/kernel
|
||||
#lib/modules/KVER-ipfire/kernel/lib/lz4/lz4hc_compress.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/lib/lzo
|
||||
#lib/modules/KVER-ipfire/kernel/lib/lzo/lzo_compress.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/lib/mpi
|
||||
#lib/modules/KVER-ipfire/kernel/lib/mpi/mpi.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/lib/oid_registry.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/lib/parman.ko.xz
|
||||
#lib/modules/KVER-ipfire/kernel/lib/raid6
|
||||
#lib/modules/KVER-ipfire/kernel/lib/raid6/raid6_pq.ko.xz
|
||||
|
||||
@@ -2092,6 +2092,8 @@ boot/vmlinuz-KVER-ipfire-pae
|
||||
#lib/modules/KVER-ipfire-pae/build/certs
|
||||
#lib/modules/KVER-ipfire-pae/build/certs/Kconfig
|
||||
#lib/modules/KVER-ipfire-pae/build/certs/Makefile
|
||||
#lib/modules/KVER-ipfire-pae/build/certs/signing_key.pem
|
||||
#lib/modules/KVER-ipfire-pae/build/certs/signing_key.x509
|
||||
#lib/modules/KVER-ipfire-pae/build/crypto
|
||||
#lib/modules/KVER-ipfire-pae/build/crypto/Kconfig
|
||||
#lib/modules/KVER-ipfire-pae/build/crypto/Makefile
|
||||
@@ -6204,6 +6206,12 @@ boot/vmlinuz-KVER-ipfire-pae
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/asus/nb/wmi.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/asus/wireless.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/asus/wmi.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/asymmetric
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/asymmetric/key
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/asymmetric/key/type.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/asymmetric/public
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/asymmetric/public/key
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/asymmetric/public/key/subtype.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/async
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/async/core.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/async/memcpy.h
|
||||
@@ -6862,7 +6870,9 @@ boot/vmlinuz-KVER-ipfire-pae
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/glue
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/glue/helper
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/glue/helper/x86.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/hash
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/hash.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/hash/info.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/hash2.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/hmac.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/hw.h
|
||||
@@ -9076,6 +9086,13 @@ boot/vmlinuz-KVER-ipfire-pae
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/module/compress
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/module/compress.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/module/compress/xz.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/module/sig
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/module/sig.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/module/sig/all.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/module/sig/force.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/module/sig/hash.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/module/sig/key.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/module/sig/sha512.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/module/srcversion
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/module/srcversion/all.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/module/unload.h
|
||||
@@ -10012,6 +10029,11 @@ boot/vmlinuz-KVER-ipfire-pae
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/pinctrl/lewisburg.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/pinctrl/mcp23s08.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/pinmux.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/pkcs7
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/pkcs7/message
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/pkcs7/message/parser.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/pkcs7/test
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/pkcs7/test/key.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/plx
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/plx/hermes.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/pm
|
||||
@@ -11268,6 +11290,12 @@ boot/vmlinuz-KVER-ipfire-pae
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/sysfs
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/sysfs.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/sysfs/syscall.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/system
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/system/data
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/system/data/verification.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/system/trusted
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/system/trusted/keyring.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/system/trusted/keys.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/sysvipc
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/sysvipc.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/sysvipc/sysctl.h
|
||||
@@ -12121,6 +12149,9 @@ boot/vmlinuz-KVER-ipfire-pae
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/wlcore/sdio.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/wmi
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/wmi/bmof.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/x509
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/x509/certificate
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/x509/certificate/parser.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/x86
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/x86.h
|
||||
#lib/modules/KVER-ipfire-pae/build/include/config/x86/32
|
||||
@@ -17647,6 +17678,7 @@ boot/vmlinuz-KVER-ipfire-pae
|
||||
#lib/modules/KVER-ipfire-pae/build/scripts/dtc/util.h
|
||||
#lib/modules/KVER-ipfire-pae/build/scripts/dtc/version_gen.h
|
||||
#lib/modules/KVER-ipfire-pae/build/scripts/export_report.pl
|
||||
#lib/modules/KVER-ipfire-pae/build/scripts/extract-cert
|
||||
#lib/modules/KVER-ipfire-pae/build/scripts/extract-cert.c
|
||||
#lib/modules/KVER-ipfire-pae/build/scripts/extract-ikconfig
|
||||
#lib/modules/KVER-ipfire-pae/build/scripts/extract-module-sig.pl
|
||||
@@ -17828,6 +17860,7 @@ boot/vmlinuz-KVER-ipfire-pae
|
||||
#lib/modules/KVER-ipfire-pae/build/scripts/selinux/mdp/mdp.c
|
||||
#lib/modules/KVER-ipfire-pae/build/scripts/setlocalversion
|
||||
#lib/modules/KVER-ipfire-pae/build/scripts/show_delta
|
||||
#lib/modules/KVER-ipfire-pae/build/scripts/sign-file
|
||||
#lib/modules/KVER-ipfire-pae/build/scripts/sign-file.c
|
||||
#lib/modules/KVER-ipfire-pae/build/scripts/sortextable
|
||||
#lib/modules/KVER-ipfire-pae/build/scripts/sortextable.c
|
||||
@@ -18555,6 +18588,8 @@ lib/modules/KVER-ipfire-pae/kernel
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/ansi_cprng.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/anubis.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/arc4.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/asymmetric_keys
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/asymmetric_keys/pkcs7_test_key.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/async_tx
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/async_tx/async_memcpy.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/async_tx/async_pq.ko.xz
|
||||
@@ -18597,12 +18632,10 @@ lib/modules/KVER-ipfire-pae/kernel
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/rmd160.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/rmd256.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/rmd320.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/rsa_generic.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/salsa20_generic.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/seed.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/serpent_generic.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/sha3_generic.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/sha512_generic.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/tcrypt.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/tea.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/crypto/tgr192.ko.xz
|
||||
@@ -21288,7 +21321,6 @@ lib/modules/KVER-ipfire-pae/kernel
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/842
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/842/842_compress.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/842/842_decompress.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/asn1_decoder.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/cordic.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/crc-itu-t.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/crc4.ko.xz
|
||||
@@ -21299,9 +21331,6 @@ lib/modules/KVER-ipfire-pae/kernel
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/lz4/lz4hc_compress.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/lzo
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/lzo/lzo_compress.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/mpi
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/mpi/mpi.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/oid_registry.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/parman.ko.xz
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/raid6
|
||||
#lib/modules/KVER-ipfire-pae/kernel/lib/raid6/raid6_pq.ko.xz
|
||||
|
||||
@@ -178,6 +178,9 @@ else
|
||||
cd $(DIR_APP) && make clean
|
||||
cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =.*/EXTRAVERSION\ =\ -$(VERSUFIX)/' Makefile
|
||||
|
||||
# Copy Module signing key configuration
|
||||
cp -f $(DIR_SRC)/config/kernel/x509.genkey $(DIR_APP)/certs/x509.genkey
|
||||
|
||||
# Remove modules folder if exists
|
||||
rm -rf /lib/modules/$(VER)-$(VERSUFIX)
|
||||
|
||||
@@ -219,6 +222,9 @@ endif
|
||||
cd $(DIR_APP) && cp -a --parents arch/$(HEADERS_ARCH)/include /lib/modules/$(VER)-$(VERSUFIX)/build
|
||||
cd $(DIR_APP) && cp -a include /lib/modules/$(VER)-$(VERSUFIX)/build/include
|
||||
|
||||
# Copy module signing key for off tree modules
|
||||
cd $(DIR_APP) && cp -f certs/signing_key.* /lib/modules/$(VER)-$(VERSUFIX)/build/certs/
|
||||
|
||||
# Install objtool
|
||||
cd $(DIR_APP) && cp -a tools/objtool/objtool \
|
||||
/lib/modules/$(VER)-$(VERSUFIX)/build/tools/objtool/ || :
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
###############################################################################
|
||||
# #
|
||||
# IPFire.org - A linux based firewall #
|
||||
# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
|
||||
# Copyright (C) 2007-2020 IPFire Team <info@ipfire.org> #
|
||||
# #
|
||||
# This program is free software: you can redistribute it and/or modify #
|
||||
# it under the terms of the GNU General Public License as published by #
|
||||
@@ -106,9 +106,14 @@ else
|
||||
cd $(DIR_APP) && make $(MAKETUNING)
|
||||
|
||||
# Install the built kernel modules.
|
||||
mkdir -p $(MODPATH)
|
||||
cd $(DIR_APP) && for f in $$(ls extensions/*.ko); do \
|
||||
mkdir -p $(MODPATH); \
|
||||
install -m 644 $$f $(MODPATH); \
|
||||
/lib/modules/$$(uname -r)$(KCFG)/build/scripts/sign-file sha512 \
|
||||
/lib/modules/$$(uname -r)$(KCFG)/build/certs/signing_key.pem \
|
||||
/lib/modules/$$(uname -r)$(KCFG)/build/certs/signing_key.x509 \
|
||||
$$f; \
|
||||
xz $$f; \
|
||||
install -m 644 $$f.xz $(MODPATH); \
|
||||
done
|
||||
endif
|
||||
|
||||
|
||||
Reference in New Issue
Block a user