linux

mirror of https://github.com/torvalds/linux.git synced 2026-03-08 02:44:41 +01:00

History

Linus Torvalds a7423e6ea2 Modules changes for v7.0-rc1 Module signing: - Remove SHA-1 support for signing modules. SHA-1 is no longer considered secure for signatures due to vulnerabilities that can lead to hash collisions. None of the major distributions use SHA-1 anymore, and the kernel has defaulted to SHA-512 since v6.11. Note that loading SHA-1 signed modules is still supported. - Update scripts/sign-file to use only the OpenSSL CMS API for signing. As SHA-1 support is gone, we can drop the legacy PKCS#7 API which was limited to SHA-1. This also cleans up support for legacy OpenSSL versions. Cleanups and fixes: - Use system_dfl_wq instead of the per-cpu system_wq following the ongoing workqueue API refactoring. - Avoid open-coded kvrealloc() in module decompression logic by using the standard helper. - Improve section annotations by replacing the custom __modinit with __init_or_module and removing several unused __INIT_OR_MODULE macros. - Fix kernel-doc warnings in include/linux/moduleparam.h. - Ensure set_module_sig_enforced is only declared when module signing is enabled. - Fix gendwarfksyms build failures on 32-bit hosts. MAINTAINERS: - Update the module subsystem entry to reflect the maintainer rotation and update the git repository link. The changes have been soaking in linux-next since -rc2. Note that like Daniel mentioned in the previous pull request [1], we rotate maintainership every 6 months, and I will be handling the module subsystem pull requests for the first half of this year. Link: https://lore.kernel.org/r/20251203234840.3720-1-da.gomez@kernel.org [1] Signed-off-by: Sami Tolvanen <samitolvanen@google.com> -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQSE9au1u/dCZerzchhaByWrOaGnegUCaYYeeAAKCRBaByWrOaGn epIxAQDU/VSAC491S9/5dAUeGbOis9/p6QJKQlNgEqU4oTlOsgEA0p8BZ9Spkwzd v9BfIl3j9qVt7wUdlLdbHfdvPgtUVgc= =at6w -----END PGP SIGNATURE----- Merge tag 'modules-7.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/modules/linux Pull module updates from Sami Tolvanen: "Module signing: - Remove SHA-1 support for signing modules. SHA-1 is no longer considered secure for signatures due to vulnerabilities that can lead to hash collisions. None of the major distributions use SHA-1 anymore, and the kernel has defaulted to SHA-512 since v6.11. Note that loading SHA-1 signed modules is still supported. - Update scripts/sign-file to use only the OpenSSL CMS API for signing. As SHA-1 support is gone, we can drop the legacy PKCS#7 API which was limited to SHA-1. This also cleans up support for legacy OpenSSL versions. Cleanups and fixes: - Use system_dfl_wq instead of the per-cpu system_wq following the ongoing workqueue API refactoring. - Avoid open-coded kvrealloc() in module decompression logic by using the standard helper. - Improve section annotations by replacing the custom __modinit with __init_or_module and removing several unused __INIT_OR_MODULE macros. - Fix kernel-doc warnings in include/linux/moduleparam.h. - Ensure set_module_sig_enforced is only declared when module signing is enabled. - Fix gendwarfksyms build failures on 32-bit hosts. MAINTAINERS: - Update the module subsystem entry to reflect the maintainer rotation and update the git repository link" * tag 'modules-7.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/modules/linux: modules: moduleparam.h: fix kernel-doc comments module: Only declare set_module_sig_enforced when CONFIG_MODULE_SIG=y module/decompress: Avoid open-coded kvrealloc() gendwarfksyms: Fix build on 32-bit hosts sign-file: Use only the OpenSSL CMS API for signing module: Remove SHA-1 support for module signing module: replace use of system_wq with system_dfl_wq params: Replace __modinit with __init_or_module module: Remove unused __INIT*_OR_MODULE macros MAINTAINERS: Update module subsystem maintainers and repository		2026-02-10 09:49:18 -08:00
..
atomic	atomic: Skip alignment check for try_cmpxchg() old arg	2025-10-21 12:31:56 +02:00
bash-completion	kbuild: add Kbuild bash completion	2025-03-15 21:22:52 +09:00
basic	integer-wrap: Force full rebuild when .scl file changes	2025-05-08 09:42:06 -07:00
clang-tools	Revert "scripts/clang-tools: Handle included .c files in gen_compile_commands"	2025-12-27 20:48:01 +01:00
coccinelle	coccinelle: Add kmalloc_objs conversion script	2026-02-09 10:48:20 -08:00
crypto	lib/crypto: tests: Add KUnit tests for NH	2026-01-12 11:07:49 -08:00
dtc	scripts: dt_to_config: fix grammar and a typo in --help text	2025-09-26 15:53:30 -05:00
dummy-tools	kbuild: dummy-tools: pretend we understand -fpatchable-function-entry	2023-11-01 23:24:56 +09:00
gcc-plugins	gcc-plugins: Remove TODO_verify_il for GCC >= 16	2025-09-23 13:59:39 -07:00
gdb	scripts/gdb/symbols: make BPF debug info available to GDB	2025-11-20 14:03:42 -08:00
gendwarfksyms	gendwarfksyms: Fix build on 32-bit hosts	2025-12-22 16:35:54 +00:00
genksyms	genksyms: Fix enum consts from a reference affecting new values	2025-06-07 14:38:07 +09:00
include	scripts: import more list macros	2024-10-07 02:12:27 +09:00
ipe	scripts: ipe: polgen: remove redundant close and error exit path	2024-11-19 13:57:03 -08:00
kconfig	kconfig: fix static linking of nconf	2026-01-14 14:23:20 +01:00
ksymoops
livepatch	livepatch: Free klp_{object,func}_ext data after initialization	2026-02-05 08:00:45 -08:00
mod	mcb: Add missing modpost build support	2025-12-27 20:48:01 +01:00
package	kbuild: rpm-pkg: Generate debuginfo package manually	2026-01-28 11:51:24 +01:00
selinux	docs: Remove remainders of reiserfs	2025-08-18 10:45:43 -06:00
tracing	scripts/tracing: Remove scripts/tracing/draw_functrace.py	2025-03-20 07:02:21 -04:00
.gitignore	scripts: add tracepoint-update to the list of ignores files	2025-10-29 08:46:05 -04:00
as-version.sh
asn1_compiler.c
bloat-o-meter	scripts/bloat-o-meter: count weak symbol sizes	2023-08-21 13:46:25 -07:00
bootgraph.pl
bpf_doc.py	bpf: Finish constification of 1st parameter of bpf_d_path()	2025-10-04 09:05:23 -07:00
build-version	kbuild: move init/build-version to scripts/	2024-07-16 01:08:37 +09:00
cc-can-link.sh	kbuild: don't enable CC_CAN_LINK if the dummy program generates warnings	2025-11-14 20:20:34 +01:00
cc-version.sh
check-function-names.sh	kbuild: prefer ${NM} in check-function-names.sh	2026-01-14 14:13:41 +01:00
check-git
check-sysctl-docs	docs: Replace spaces with tabs in check-sysctl-docs	2025-07-23 11:57:05 +02:00
check-uapi.sh	check-uapi: Introduce check-uapi.sh	2023-12-29 22:25:20 +09:00
check_extable.sh
checkdeclares.pl
checkincludes.pl
checkkconfigsymbols.py
checkpatch.pl	kmalloc_obj branch for v7.0-rc1	2026-02-10 09:11:21 -08:00
checkstack.pl	scripts/checkstack.pl: fix no space expression between sp and offset	2023-12-29 12:22:28 -08:00
checksyscalls.sh
checkversion.pl
cleanfile
cleanpatch
coccicheck	scripts: coccicheck: filter *.cocci files by MODE	2025-12-21 21:04:45 +01:00
config	kbuild: fix argument parsing in scripts/config	2025-03-15 21:22:42 +09:00
const_structs.checkpatch	const_structs.checkpatch: add bin_attribute	2025-06-17 10:44:07 +02:00
decode_stacktrace.sh	scripts/decode_stacktrace.sh: fix build ID and PC source parsing	2025-11-09 21:19:45 -08:00
decodecode	scripts/decodecode: add support for LoongArch	2023-12-29 12:22:25 -08:00
depmod.sh	kbuild: add $(objtree)/ prefix to some in-kernel build artifacts	2024-11-27 09:38:27 +09:00
dev-needs.sh
diffconfig
elf-parse.c	sorttable: Move ELF parsing into scripts/elf-parse.[ch]	2025-10-24 16:43:14 -04:00
elf-parse.h	sorttable: Move ELF parsing into scripts/elf-parse.[ch]	2025-10-24 16:43:14 -04:00
extract-fwblobs	scripts: add script to extract built-in firmware blobs	2025-03-16 22:30:46 -07:00
extract-ikconfig
extract-module-sig.pl
extract-sys-certs.pl
extract-vmlinux	extract-vmlinux: Output used decompression method	2025-08-28 15:25:48 -07:00
extract_xc3028.pl
faddr2line	scripts/faddr2line: Fix "Argument list too long" error	2025-10-14 14:45:20 -07:00
file-size.sh
gen-crc-consts.py	riscv/crc: add "template" for Zbc optimized CRC functions	2025-03-10 09:29:08 -07:00
gen-randstruct-seed.sh
gen_packed_field_checks.c	lib: packing: add pack_fields() and unpack_fields()	2024-12-11 20:13:00 -08:00
generate_builtin_ranges.awk	kbuild: exclude .rodata.(cst\|str)* when building ranges	2025-03-15 21:22:52 +09:00
generate_initcall_order.pl
generate_rust_analyzer.py	scripts: generate_rust_analyzer: fix resolution of #[pin_data] macros	2026-01-26 02:19:29 +01:00
generate_rust_target.rs	rust: support Rust >= 1.91.0 target spec	2025-08-31 23:34:34 +02:00
get_dvb_firmware
get_maintainer.pl	get_maintainer: stop reporting subsystem status as maintainer role	2025-03-16 22:30:49 -07:00
gfp-translate	scripts: fix gfp-translate after ___GFP_*_BITS conversion to an enum	2024-09-01 17:59:01 -07:00
git-resolve.sh	git-resolve: add SPDX and copyright line	2025-04-25 15:54:24 +02:00
git.orderFile	scripts: Introduce a default git.orderFile	2023-12-29 22:25:20 +09:00
head-object-list.txt	openrisc: place exception table at the head of vmlinux	2024-12-10 12:04:19 +00:00
headerdep.pl
headers_install.sh	scripts: headers_install.sh: Remove two outdated config leak ignore entries	2025-11-11 16:01:13 +01:00
insert-sys-cert.c
install.sh	kbuild: Create INSTALL_PATH directory if it does not exist	2024-07-20 13:34:54 +09:00
integer-wrap-ignore.scl	ubsan/overflow: Enable ignorelist parsing and add type filter	2025-03-07 19:58:05 -08:00
jobserver-exec	docs: Move the python libraries to tools/lib/python	2025-11-18 09:22:40 -07:00
kallsyms.c	kallsyms: Remove KALLSYMS_ABSOLUTE_PERCPU	2025-02-18 10:16:04 +01:00
Kbuild.include	kbuild: add $(objtree)/ prefix to some in-kernel build artifacts	2024-11-27 09:38:27 +09:00
Kconfig.include	init: deduplicate cc-can-link.sh invocations	2025-11-14 20:20:34 +01:00
kernel-doc	docs: add a scripts/kernel-doc symbolic link	2026-01-20 15:57:06 -07:00
ld-version.sh	kbuild: Make ld-version.sh more robust against version string changes	2024-07-15 03:13:32 +09:00
leaking_addresses.pl	leaking_addresses: Provide mechanism to scan binary files	2024-02-29 13:38:03 -08:00
Lindent
link-vmlinux.sh	Detect unused tracepoints for v6.19:	2025-12-05 09:37:41 -08:00
macro_checker.py	scripts: add macro_checker script to check unused parameters in macros	2024-09-01 20:43:28 -07:00
make_fit.py	scripts/make_fit: Print DT name before libfdt errors	2025-03-27 14:03:32 -05:00
Makefile	tracing: Add a tracepoint verification check at build time	2025-10-24 16:43:14 -04:00
Makefile.asm-headers	kbuild: fix rebuild of generic syscall headers	2024-07-18 10:01:55 -07:00
Makefile.autofdo	AutoFDO: Enable machine function split optimization for AutoFDO	2024-11-27 09:38:27 +09:00
Makefile.btf	kbuild, bpf: Enable --btf_features=attributes	2025-04-15 11:17:50 -07:00
Makefile.build	Kbuild fixes for 6.19, round 3	2026-01-31 08:21:32 -08:00
Makefile.clang	kbuild: clang: Support building UM with SUBARCH=i386	2025-03-04 09:40:13 -08:00
Makefile.clean	kbuild: change working directory to external module directory with M=	2024-11-28 08:10:23 +09:00
Makefile.compiler	require gcc-8 and binutils-2.30	2025-05-31 08:16:52 -07:00
Makefile.debug	kbuild: rust: use `-Zdebuginfo-compression`	2024-04-02 17:41:22 +02:00
Makefile.defconf	kbuild: suppress stdout from merge_config for silent builds	2025-01-10 23:01:21 +09:00
Makefile.dtbinst	kbuild: Install dtb files as 0644 in Makefile.dtbinst	2024-06-26 00:18:57 +09:00
Makefile.dtbs	kbuild: Ensure .dtbo targets are applied to a base .dtb	2025-11-17 11:27:52 -06:00
Makefile.gcc-plugins	stackleak: Split KSTACK_ERASE_CFLAGS from GCC_PLUGINS_CFLAGS	2025-07-21 21:40:57 -07:00
Makefile.headersinst
Makefile.host	kbuild: support building external modules in a separate build directory	2024-11-28 08:11:55 +09:00
Makefile.kasan	kasan: fix GCC mem-intrinsic prefix with sw tags	2025-08-27 22:45:43 -07:00
Makefile.kcov	- The 2 patch series "zram: support algorithm-specific parameters" from	2025-06-02 16:00:26 -07:00
Makefile.kcsan
Makefile.kmsan
Makefile.kstack_erase	kstack_erase: Fix missed export of renamed KSTACK_ERASE_CFLAGS	2025-07-29 17:17:46 -07:00
Makefile.lib	objtool/klp: Only enable --checksum when needed	2025-11-18 09:59:26 +01:00
Makefile.modfinal	tracing: Add warnings for unused tracepoints for modules	2025-10-24 16:43:15 -04:00
Makefile.modinst	kbuild: Use objtree for module signing key path	2025-11-08 12:17:58 +01:00
Makefile.modpost	modpost: Allow extended modversions without basic MODVERSIONS	2025-01-11 02:36:32 +09:00
Makefile.package	kbuild: add target to build a cpio containing modules	2025-11-26 21:56:14 +01:00
Makefile.propeller	kbuild: Fix Propeller build option	2024-11-27 09:38:27 +09:00
Makefile.randstruct
Makefile.ubsan	ARM:	2025-05-29 08:10:01 -07:00
Makefile.userprogs	kbuild: support 'userldlibs' syntax	2023-11-01 23:26:01 +09:00
Makefile.vdsoinst	more s390 updates for 6.10 merge window	2024-05-21 12:09:36 -07:00
Makefile.vmlinux	kbuild: Fix permissions of modules.builtin.modinfo	2026-01-28 11:51:25 +01:00
Makefile.vmlinux_o	kbuild: Check for functions with ambiguous -ffunction-sections section names	2025-11-21 10:04:10 +01:00
Makefile.warn	kbuild: Rename Makefile.extrawarn to Makefile.warn	2025-11-08 12:17:59 +01:00
makelst
markup_oops.pl
min-tool-version.sh	kbuild: Bump minimum version of LLVM for building the kernel to 15.0.0	2025-08-28 16:58:43 -07:00
misc-check	scripts/misc-check: update export checks for EXPORT_SYMBOL_FOR_MODULES()	2025-08-26 12:00:17 -07:00
mkcompile_h
mksysmap	modpost: Create modalias for builtin modules	2025-09-24 09:10:45 -07:00
mkuboot.sh
module-common.c	kbuild: compile constant module information only once	2024-09-07 17:24:08 +09:00
module.lds.S	livepatch: Free klp_{object,func}_ext data after initialization	2026-02-05 08:00:45 -08:00
modules-check.sh
nsdeps	scripts/nsdeps: get 'make nsdeps' working again	2024-12-03 08:22:25 -08:00
objdiff
objdump-func
orc_hash.sh
pahole-version.sh
parse-maintainers.pl
patch-kernel
profile2linkerlist.pl
prune-kernel
recordmcount.c	scripts: clean up IA-64 code	2023-12-03 18:51:48 +09:00
recordmcount.h
recordmcount.pl	tracing: Remove redundant config HAVE_FTRACE_MCOUNT_RECORD	2025-07-22 20:15:56 -04:00
relocs_check.sh
remove-stale-files	selinux: move genheaders to security/selinux/	2024-10-03 16:07:51 -04:00
rust_is_available.sh	rust: document `bindgen` 0.71.0 regression	2025-01-10 00:17:00 +01:00
rust_is_available_bindgen_0_66.h	rust: warn about `bindgen` versions 0.66.0 and 0.66.1	2024-07-10 10:28:52 +02:00
rust_is_available_bindgen_libclang.h
rust_is_available_bindgen_libclang_concat.h	rust: warn on bindgen < 0.69.5 and libclang >= 19.1	2024-11-12 21:26:54 +01:00
rust_is_available_test.py	rust: warn on bindgen < 0.69.5 and libclang >= 19.1	2024-11-12 21:26:54 +01:00
rustc-llvm-version.sh	kbuild: rust: avoid errors with old `rustc`s without LLVM patch version	2024-10-28 00:27:16 +01:00
rustc-version.sh	kbuild: rust: add `CONFIG_RUSTC_VERSION`	2024-09-05 22:44:18 +02:00
rustdoc_test_builder.rs	rust: use absolute paths in macros referencing core and kernel	2025-05-23 00:12:14 +02:00
rustdoc_test_gen.rs	rust: fix off-by-one line number in rustdoc tests	2026-01-04 23:51:35 +01:00
setlocalversion	setlocalversion: add -e option	2024-11-28 08:11:56 +09:00
show_delta	scripts: make python shebangs specific about desired version	2025-03-15 21:19:44 +09:00
sign-file.c	Modules changes for v7.0-rc1	2026-02-10 09:49:18 -08:00
sorttable.c	sorttable: Move ELF parsing into scripts/elf-parse.[ch]	2025-10-24 16:43:14 -04:00
spdxcheck-test.sh
spdxcheck.py	treewide: Update email address	2026-01-11 06:09:11 -10:00
spdxexclude
spelling.txt	scripts/spelling.txt: add notifer\|\|notifier to spelling.txt	2025-08-02 12:01:40 -07:00
ssl-common.h	sign-file,extract-cert: avoid using deprecated ERR_get_error_line()	2024-09-20 19:49:52 +03:00
stackdelta
stackusage
subarch.include	scripts: subarch.include: fix SUBARCH on macOS hosts	2024-09-10 13:56:37 +09:00
syscall.tbl	arch: hookup listns() system call	2025-11-03 17:41:18 +01:00
syscallhdr.sh
syscallnr.sh
syscalltbl.sh	x86/syscall: Mark exit[_group] syscall handlers __noreturn	2024-06-28 15:23:38 +02:00
tags.sh	scripts/tags.sh: allow to use alternative ctags implementation	2025-06-06 05:40:25 +09:00
tools-support-relr.sh
tracepoint-update.c	scripts/tracepoint-update: Fix memory leak in add_string() on failure	2026-01-23 13:34:45 -05:00
unifdef.c	scripts/unifdef: avoid constexpr keyword	2024-04-23 00:09:41 +09:00
ver_linux	ver_linux: Remove checks for reiserfsprogs.	2025-06-09 14:53:16 -06:00
verify_builtin_ranges.awk	scripts: add verifier script for builtin module range data	2024-09-20 09:21:52 +09:00
xen-hypercalls.sh
xz_wrap.sh	xz: adjust arch-specific options for better kernel compression	2024-09-01 20:43:27 -07:00