#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm64 4.14.154-ipfire Kernel Configuration
+# Linux/arm64 4.14.166-ipfire Kernel Configuration
#
CONFIG_ARM64=y
CONFIG_64BIT=y
CONFIG_SLAB_FREELIST_RANDOM=y
CONFIG_SLAB_FREELIST_HARDENED=y
CONFIG_SLUB_CPU_PARTIAL=y
-# CONFIG_SYSTEM_DATA_VERIFICATION is not set
+CONFIG_SYSTEM_DATA_VERIFICATION=y
# CONFIG_PROFILING is not set
CONFIG_TRACEPOINTS=y
# CONFIG_KPROBES is not set
# CONFIG_MODULE_FORCE_UNLOAD is not set
CONFIG_MODVERSIONS=y
CONFIG_MODULE_SRCVERSION_ALL=y
-# CONFIG_MODULE_SIG is not set
+CONFIG_MODULE_SIG=y
+CONFIG_MODULE_SIG_FORCE=y
+CONFIG_MODULE_SIG_ALL=y
+# CONFIG_MODULE_SIG_SHA1 is not set
+# CONFIG_MODULE_SIG_SHA224 is not set
+# CONFIG_MODULE_SIG_SHA256 is not set
+# CONFIG_MODULE_SIG_SHA384 is not set
+CONFIG_MODULE_SIG_SHA512=y
+CONFIG_MODULE_SIG_HASH="sha512"
CONFIG_MODULE_COMPRESS=y
# CONFIG_MODULE_COMPRESS_GZIP is not set
CONFIG_MODULE_COMPRESS_XZ=y
CONFIG_IOSCHED_BFQ=y
CONFIG_BFQ_GROUP_IOSCHED=y
CONFIG_PADATA=y
+CONFIG_ASN1=y
CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
CONFIG_INLINE_READ_UNLOCK=y
CONFIG_INLINE_READ_UNLOCK_IRQ=y
# CONFIG_ACENIC_OMIT_TIGON_I is not set
CONFIG_ALTERA_TSE=m
CONFIG_NET_VENDOR_AMAZON=y
+CONFIG_ENA_ETHERNET=m
CONFIG_NET_VENDOR_AMD=y
CONFIG_AMD8111_ETH=m
CONFIG_PCNET32=m
#
# Crypto core or helper
#
+# CONFIG_CRYPTO_FIPS is not set
CONFIG_CRYPTO_ALGAPI=y
CONFIG_CRYPTO_ALGAPI2=y
CONFIG_CRYPTO_AEAD=y
CONFIG_CRYPTO_RNG2=y
CONFIG_CRYPTO_RNG_DEFAULT=y
CONFIG_CRYPTO_AKCIPHER2=y
+CONFIG_CRYPTO_AKCIPHER=y
CONFIG_CRYPTO_KPP2=y
CONFIG_CRYPTO_KPP=m
CONFIG_CRYPTO_ACOMP2=y
-# CONFIG_CRYPTO_RSA is not set
+CONFIG_CRYPTO_RSA=y
# CONFIG_CRYPTO_DH is not set
CONFIG_CRYPTO_ECDH=m
CONFIG_CRYPTO_MANAGER=y
CONFIG_CRYPTO_USER_API_SKCIPHER=y
# CONFIG_CRYPTO_USER_API_RNG is not set
# CONFIG_CRYPTO_USER_API_AEAD is not set
+CONFIG_CRYPTO_HASH_INFO=y
CONFIG_CRYPTO_HW=y
# CONFIG_CRYPTO_DEV_MARVELL_CESA is not set
# CONFIG_CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC is not set
# CONFIG_CRYPTO_DEV_CHELSIO is not set
CONFIG_CRYPTO_DEV_VIRTIO=m
# CONFIG_CRYPTO_DEV_SAFEXCEL is not set
-# CONFIG_ASYMMETRIC_KEY_TYPE is not set
+CONFIG_ASYMMETRIC_KEY_TYPE=y
+CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y
+CONFIG_X509_CERTIFICATE_PARSER=y
+CONFIG_PKCS7_MESSAGE_PARSER=y
+CONFIG_PKCS7_TEST_KEY=m
+# CONFIG_SIGNED_PE_FILE_VERIFICATION is not set
#
# Certificates for signature checking
#
+CONFIG_MODULE_SIG_KEY="certs/signing_key.pem"
+CONFIG_SYSTEM_TRUSTED_KEYRING=y
+CONFIG_SYSTEM_TRUSTED_KEYS=""
+# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
+# CONFIG_SECONDARY_TRUSTED_KEYRING is not set
# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
# CONFIG_ARM64_CRYPTO is not set
CONFIG_BINARY_PRINTF=y
CONFIG_GLOB=y
# CONFIG_GLOB_SELFTEST is not set
CONFIG_NLATTR=y
+CONFIG_CLZ_TAB=y
CONFIG_CORDIC=m
CONFIG_DDR=y
CONFIG_IRQ_POLL=y
+CONFIG_MPILIB=y
CONFIG_LIBFDT=y
-CONFIG_OID_REGISTRY=m
+CONFIG_OID_REGISTRY=y
CONFIG_UCS2_STRING=y
CONFIG_FONT_SUPPORT=y
# CONFIG_FONTS is not set
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 4.14.154-ipfire-multi Kernel Configuration
+# Linux/arm 4.14.166-ipfire-multi Kernel Configuration
#
CONFIG_ARM=y
CONFIG_ARM_HAS_SG_CHAIN=y
CONFIG_SLAB_FREELIST_RANDOM=y
CONFIG_SLAB_FREELIST_HARDENED=y
CONFIG_SLUB_CPU_PARTIAL=y
-# CONFIG_SYSTEM_DATA_VERIFICATION is not set
+CONFIG_SYSTEM_DATA_VERIFICATION=y
# CONFIG_PROFILING is not set
CONFIG_TRACEPOINTS=y
CONFIG_HAVE_OPROFILE=y
# CONFIG_MODULE_FORCE_UNLOAD is not set
CONFIG_MODVERSIONS=y
CONFIG_MODULE_SRCVERSION_ALL=y
-# CONFIG_MODULE_SIG is not set
+CONFIG_MODULE_SIG=y
+CONFIG_MODULE_SIG_FORCE=y
+CONFIG_MODULE_SIG_ALL=y
+# CONFIG_MODULE_SIG_SHA1 is not set
+# CONFIG_MODULE_SIG_SHA224 is not set
+# CONFIG_MODULE_SIG_SHA256 is not set
+# CONFIG_MODULE_SIG_SHA384 is not set
+CONFIG_MODULE_SIG_SHA512=y
+CONFIG_MODULE_SIG_HASH="sha512"
CONFIG_MODULE_COMPRESS=y
# CONFIG_MODULE_COMPRESS_GZIP is not set
CONFIG_MODULE_COMPRESS_XZ=y
CONFIG_IOSCHED_BFQ=y
CONFIG_BFQ_GROUP_IOSCHED=y
CONFIG_PADATA=y
+CONFIG_ASN1=y
CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
CONFIG_INLINE_READ_UNLOCK=y
CONFIG_INLINE_READ_UNLOCK_IRQ=y
# CONFIG_ACENIC_OMIT_TIGON_I is not set
CONFIG_ALTERA_TSE=m
CONFIG_NET_VENDOR_AMAZON=y
+CONFIG_ENA_ETHERNET=m
CONFIG_NET_VENDOR_AMD=y
CONFIG_AMD8111_ETH=m
CONFIG_PCNET32=m
CONFIG_OLD_MCOUNT=y
# CONFIG_DEBUG_USER is not set
# CONFIG_DEBUG_LL is not set
-CONFIG_DEBUG_IMX_UART_PORT=1
CONFIG_DEBUG_LL_INCLUDE="mach/debug-macro.S"
# CONFIG_DEBUG_UART_8250 is not set
CONFIG_UNCOMPRESS_INCLUDE="debug/uncompress.h"
#
# Crypto core or helper
#
+# CONFIG_CRYPTO_FIPS is not set
CONFIG_CRYPTO_ALGAPI=y
CONFIG_CRYPTO_ALGAPI2=y
CONFIG_CRYPTO_AEAD=y
CONFIG_CRYPTO_RNG2=y
CONFIG_CRYPTO_RNG_DEFAULT=y
CONFIG_CRYPTO_AKCIPHER2=y
+CONFIG_CRYPTO_AKCIPHER=y
CONFIG_CRYPTO_KPP2=y
CONFIG_CRYPTO_KPP=m
CONFIG_CRYPTO_ACOMP2=y
-# CONFIG_CRYPTO_RSA is not set
+CONFIG_CRYPTO_RSA=y
# CONFIG_CRYPTO_DH is not set
CONFIG_CRYPTO_ECDH=m
CONFIG_CRYPTO_MANAGER=y
CONFIG_CRYPTO_USER_API_SKCIPHER=y
# CONFIG_CRYPTO_USER_API_RNG is not set
# CONFIG_CRYPTO_USER_API_AEAD is not set
+CONFIG_CRYPTO_HASH_INFO=y
CONFIG_CRYPTO_HW=y
CONFIG_CRYPTO_DEV_MV_CESA=m
# CONFIG_CRYPTO_DEV_MARVELL_CESA is not set
CONFIG_CRYPTO_DEV_SUN4I_SS_PRNG=y
CONFIG_CRYPTO_DEV_ROCKCHIP=y
# CONFIG_CRYPTO_DEV_CHELSIO is not set
-# CONFIG_ASYMMETRIC_KEY_TYPE is not set
+CONFIG_ASYMMETRIC_KEY_TYPE=y
+CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y
+CONFIG_X509_CERTIFICATE_PARSER=y
+CONFIG_PKCS7_MESSAGE_PARSER=y
+CONFIG_PKCS7_TEST_KEY=m
+# CONFIG_SIGNED_PE_FILE_VERIFICATION is not set
#
# Certificates for signature checking
#
+CONFIG_MODULE_SIG_KEY="certs/signing_key.pem"
+CONFIG_SYSTEM_TRUSTED_KEYRING=y
+CONFIG_SYSTEM_TRUSTED_KEYS=""
+# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
+# CONFIG_SECONDARY_TRUSTED_KEYRING is not set
# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
CONFIG_ARM_CRYPTO=y
CONFIG_CRYPTO_SHA1_ARM=m
# CONFIG_GLOB_SELFTEST is not set
CONFIG_NLATTR=y
CONFIG_GENERIC_ATOMIC64=y
+CONFIG_CLZ_TAB=y
CONFIG_CORDIC=m
CONFIG_DDR=y
CONFIG_IRQ_POLL=y
+CONFIG_MPILIB=y
CONFIG_LIBFDT=y
-CONFIG_OID_REGISTRY=m
+CONFIG_OID_REGISTRY=y
CONFIG_FONT_SUPPORT=y
# CONFIG_FONTS is not set
CONFIG_FONT_8x8=y
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86 4.14.154-ipfire-pae Kernel Configuration
+# Linux/x86 4.14.170-ipfire Kernel Configuration
#
# CONFIG_64BIT is not set
CONFIG_X86_32=y
CONFIG_SLAB_FREELIST_RANDOM=y
CONFIG_SLAB_FREELIST_HARDENED=y
CONFIG_SLUB_CPU_PARTIAL=y
-# CONFIG_SYSTEM_DATA_VERIFICATION is not set
+CONFIG_SYSTEM_DATA_VERIFICATION=y
# CONFIG_PROFILING is not set
CONFIG_TRACEPOINTS=y
CONFIG_HOTPLUG_SMT=y
# CONFIG_MODULE_FORCE_UNLOAD is not set
CONFIG_MODVERSIONS=y
CONFIG_MODULE_SRCVERSION_ALL=y
-# CONFIG_MODULE_SIG is not set
+CONFIG_MODULE_SIG=y
+CONFIG_MODULE_SIG_FORCE=y
+CONFIG_MODULE_SIG_ALL=y
+# CONFIG_MODULE_SIG_SHA1 is not set
+# CONFIG_MODULE_SIG_SHA224 is not set
+# CONFIG_MODULE_SIG_SHA256 is not set
+# CONFIG_MODULE_SIG_SHA384 is not set
+CONFIG_MODULE_SIG_SHA512=y
+CONFIG_MODULE_SIG_HASH="sha512"
CONFIG_MODULE_COMPRESS=y
# CONFIG_MODULE_COMPRESS_GZIP is not set
CONFIG_MODULE_COMPRESS_XZ=y
CONFIG_BFQ_GROUP_IOSCHED=y
CONFIG_PREEMPT_NOTIFIERS=y
CONFIG_PADATA=y
-CONFIG_ASN1=m
+CONFIG_ASN1=y
CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
CONFIG_INLINE_READ_UNLOCK=y
CONFIG_INLINE_READ_UNLOCK_IRQ=y
# CONFIG_DEBUG_TLBFLUSH is not set
# CONFIG_IOMMU_STRESS is not set
CONFIG_HAVE_MMIOTRACE_SUPPORT=y
+# CONFIG_X86_DECODER_SELFTEST is not set
CONFIG_IO_DELAY_TYPE_0X80=0
CONFIG_IO_DELAY_TYPE_0XED=1
CONFIG_IO_DELAY_TYPE_UDELAY=2
#
# Crypto core or helper
#
+# CONFIG_CRYPTO_FIPS is not set
CONFIG_CRYPTO_ALGAPI=y
CONFIG_CRYPTO_ALGAPI2=y
CONFIG_CRYPTO_AEAD=y
CONFIG_CRYPTO_RNG2=y
CONFIG_CRYPTO_RNG_DEFAULT=y
CONFIG_CRYPTO_AKCIPHER2=y
-CONFIG_CRYPTO_AKCIPHER=m
+CONFIG_CRYPTO_AKCIPHER=y
CONFIG_CRYPTO_KPP2=y
CONFIG_CRYPTO_KPP=m
CONFIG_CRYPTO_ACOMP2=y
-CONFIG_CRYPTO_RSA=m
+CONFIG_CRYPTO_RSA=y
CONFIG_CRYPTO_DH=m
CONFIG_CRYPTO_ECDH=m
CONFIG_CRYPTO_MANAGER=y
CONFIG_CRYPTO_RMD320=m
CONFIG_CRYPTO_SHA1=y
CONFIG_CRYPTO_SHA256=y
-CONFIG_CRYPTO_SHA512=m
+CONFIG_CRYPTO_SHA512=y
CONFIG_CRYPTO_SHA3=m
CONFIG_CRYPTO_TGR192=m
CONFIG_CRYPTO_WP512=m
CONFIG_CRYPTO_USER_API_SKCIPHER=y
CONFIG_CRYPTO_USER_API_RNG=m
CONFIG_CRYPTO_USER_API_AEAD=m
+CONFIG_CRYPTO_HASH_INFO=y
CONFIG_CRYPTO_HW=y
CONFIG_CRYPTO_DEV_PADLOCK=m
CONFIG_CRYPTO_DEV_PADLOCK_AES=m
CONFIG_CRYPTO_DEV_QAT_C62XVF=m
CONFIG_CRYPTO_DEV_CHELSIO=m
CONFIG_CRYPTO_DEV_VIRTIO=m
-# CONFIG_ASYMMETRIC_KEY_TYPE is not set
+CONFIG_ASYMMETRIC_KEY_TYPE=y
+CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y
+CONFIG_X509_CERTIFICATE_PARSER=y
+CONFIG_PKCS7_MESSAGE_PARSER=y
+CONFIG_PKCS7_TEST_KEY=m
+# CONFIG_SIGNED_PE_FILE_VERIFICATION is not set
#
# Certificates for signature checking
#
+CONFIG_MODULE_SIG_KEY="certs/signing_key.pem"
+CONFIG_SYSTEM_TRUSTED_KEYRING=y
+CONFIG_SYSTEM_TRUSTED_KEYS=""
+# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
+# CONFIG_SECONDARY_TRUSTED_KEYRING is not set
# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
CONFIG_HAVE_KVM=y
CONFIG_HAVE_KVM_IRQCHIP=y
CONFIG_CORDIC=m
# CONFIG_DDR is not set
CONFIG_IRQ_POLL=y
-CONFIG_MPILIB=m
-CONFIG_OID_REGISTRY=m
+CONFIG_MPILIB=y
+CONFIG_OID_REGISTRY=y
CONFIG_UCS2_STRING=y
CONFIG_FONT_SUPPORT=y
# CONFIG_FONTS is not set
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86 4.14.154-ipfire-pae Kernel Configuration
+# Linux/x86 4.14.170-ipfire-pae Kernel Configuration
#
# CONFIG_64BIT is not set
CONFIG_X86_32=y
CONFIG_SLAB_FREELIST_RANDOM=y
CONFIG_SLAB_FREELIST_HARDENED=y
CONFIG_SLUB_CPU_PARTIAL=y
-# CONFIG_SYSTEM_DATA_VERIFICATION is not set
+CONFIG_SYSTEM_DATA_VERIFICATION=y
# CONFIG_PROFILING is not set
CONFIG_TRACEPOINTS=y
CONFIG_HOTPLUG_SMT=y
# CONFIG_MODULE_FORCE_UNLOAD is not set
CONFIG_MODVERSIONS=y
CONFIG_MODULE_SRCVERSION_ALL=y
-# CONFIG_MODULE_SIG is not set
+CONFIG_MODULE_SIG=y
+CONFIG_MODULE_SIG_FORCE=y
+CONFIG_MODULE_SIG_ALL=y
+# CONFIG_MODULE_SIG_SHA1 is not set
+# CONFIG_MODULE_SIG_SHA224 is not set
+# CONFIG_MODULE_SIG_SHA256 is not set
+# CONFIG_MODULE_SIG_SHA384 is not set
+CONFIG_MODULE_SIG_SHA512=y
+CONFIG_MODULE_SIG_HASH="sha512"
CONFIG_MODULE_COMPRESS=y
# CONFIG_MODULE_COMPRESS_GZIP is not set
CONFIG_MODULE_COMPRESS_XZ=y
CONFIG_BFQ_GROUP_IOSCHED=y
CONFIG_PREEMPT_NOTIFIERS=y
CONFIG_PADATA=y
-CONFIG_ASN1=m
+CONFIG_ASN1=y
CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
CONFIG_INLINE_READ_UNLOCK=y
CONFIG_INLINE_READ_UNLOCK_IRQ=y
# CONFIG_DEBUG_TLBFLUSH is not set
# CONFIG_IOMMU_STRESS is not set
CONFIG_HAVE_MMIOTRACE_SUPPORT=y
+# CONFIG_X86_DECODER_SELFTEST is not set
CONFIG_IO_DELAY_TYPE_0X80=0
CONFIG_IO_DELAY_TYPE_0XED=1
CONFIG_IO_DELAY_TYPE_UDELAY=2
#
# Crypto core or helper
#
+# CONFIG_CRYPTO_FIPS is not set
CONFIG_CRYPTO_ALGAPI=y
CONFIG_CRYPTO_ALGAPI2=y
CONFIG_CRYPTO_AEAD=y
CONFIG_CRYPTO_RNG2=y
CONFIG_CRYPTO_RNG_DEFAULT=y
CONFIG_CRYPTO_AKCIPHER2=y
-CONFIG_CRYPTO_AKCIPHER=m
+CONFIG_CRYPTO_AKCIPHER=y
CONFIG_CRYPTO_KPP2=y
CONFIG_CRYPTO_KPP=m
CONFIG_CRYPTO_ACOMP2=y
-CONFIG_CRYPTO_RSA=m
+CONFIG_CRYPTO_RSA=y
CONFIG_CRYPTO_DH=m
CONFIG_CRYPTO_ECDH=m
CONFIG_CRYPTO_MANAGER=y
CONFIG_CRYPTO_RMD320=m
CONFIG_CRYPTO_SHA1=y
CONFIG_CRYPTO_SHA256=y
-CONFIG_CRYPTO_SHA512=m
+CONFIG_CRYPTO_SHA512=y
CONFIG_CRYPTO_SHA3=m
CONFIG_CRYPTO_TGR192=m
CONFIG_CRYPTO_WP512=m
CONFIG_CRYPTO_USER_API_SKCIPHER=y
CONFIG_CRYPTO_USER_API_RNG=m
CONFIG_CRYPTO_USER_API_AEAD=m
+CONFIG_CRYPTO_HASH_INFO=y
CONFIG_CRYPTO_HW=y
CONFIG_CRYPTO_DEV_PADLOCK=m
CONFIG_CRYPTO_DEV_PADLOCK_AES=m
CONFIG_CRYPTO_DEV_QAT_C62XVF=m
CONFIG_CRYPTO_DEV_CHELSIO=m
CONFIG_CRYPTO_DEV_VIRTIO=m
-# CONFIG_ASYMMETRIC_KEY_TYPE is not set
+CONFIG_ASYMMETRIC_KEY_TYPE=y
+CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y
+CONFIG_X509_CERTIFICATE_PARSER=y
+CONFIG_PKCS7_MESSAGE_PARSER=y
+CONFIG_PKCS7_TEST_KEY=m
+# CONFIG_SIGNED_PE_FILE_VERIFICATION is not set
#
# Certificates for signature checking
#
+CONFIG_MODULE_SIG_KEY="certs/signing_key.pem"
+CONFIG_SYSTEM_TRUSTED_KEYRING=y
+CONFIG_SYSTEM_TRUSTED_KEYS=""
+# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
+# CONFIG_SECONDARY_TRUSTED_KEYRING is not set
# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
CONFIG_HAVE_KVM=y
CONFIG_HAVE_KVM_IRQCHIP=y
CONFIG_CORDIC=m
# CONFIG_DDR is not set
CONFIG_IRQ_POLL=y
-CONFIG_MPILIB=m
-CONFIG_OID_REGISTRY=m
+CONFIG_MPILIB=y
+CONFIG_OID_REGISTRY=y
CONFIG_UCS2_STRING=y
CONFIG_FONT_SUPPORT=y
# CONFIG_FONTS is not set
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86 4.14.154-ipfire Kernel Configuration
+# Linux/x86 4.14.170-ipfire Kernel Configuration
#
CONFIG_64BIT=y
CONFIG_X86_64=y
CONFIG_SLAB_FREELIST_RANDOM=y
CONFIG_SLAB_FREELIST_HARDENED=y
CONFIG_SLUB_CPU_PARTIAL=y
-# CONFIG_SYSTEM_DATA_VERIFICATION is not set
+CONFIG_SYSTEM_DATA_VERIFICATION=y
# CONFIG_PROFILING is not set
CONFIG_TRACEPOINTS=y
CONFIG_HOTPLUG_SMT=y
# CONFIG_MODULE_FORCE_UNLOAD is not set
CONFIG_MODVERSIONS=y
CONFIG_MODULE_SRCVERSION_ALL=y
-# CONFIG_MODULE_SIG is not set
+CONFIG_MODULE_SIG=y
+CONFIG_MODULE_SIG_FORCE=y
+CONFIG_MODULE_SIG_ALL=y
+# CONFIG_MODULE_SIG_SHA1 is not set
+# CONFIG_MODULE_SIG_SHA224 is not set
+# CONFIG_MODULE_SIG_SHA256 is not set
+# CONFIG_MODULE_SIG_SHA384 is not set
+CONFIG_MODULE_SIG_SHA512=y
+CONFIG_MODULE_SIG_HASH="sha512"
CONFIG_MODULE_COMPRESS=y
# CONFIG_MODULE_COMPRESS_GZIP is not set
CONFIG_MODULE_COMPRESS_XZ=y
CONFIG_BFQ_GROUP_IOSCHED=y
CONFIG_PREEMPT_NOTIFIERS=y
CONFIG_PADATA=y
-CONFIG_ASN1=m
+CONFIG_ASN1=y
CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
CONFIG_INLINE_READ_UNLOCK=y
CONFIG_INLINE_READ_UNLOCK_IRQ=y
# CONFIG_DEBUG_TLBFLUSH is not set
# CONFIG_IOMMU_STRESS is not set
CONFIG_HAVE_MMIOTRACE_SUPPORT=y
+# CONFIG_X86_DECODER_SELFTEST is not set
CONFIG_IO_DELAY_TYPE_0X80=0
CONFIG_IO_DELAY_TYPE_0XED=1
CONFIG_IO_DELAY_TYPE_UDELAY=2
#
# Crypto core or helper
#
+# CONFIG_CRYPTO_FIPS is not set
CONFIG_CRYPTO_ALGAPI=y
CONFIG_CRYPTO_ALGAPI2=y
CONFIG_CRYPTO_AEAD=y
CONFIG_CRYPTO_RNG2=y
CONFIG_CRYPTO_RNG_DEFAULT=y
CONFIG_CRYPTO_AKCIPHER2=y
-CONFIG_CRYPTO_AKCIPHER=m
+CONFIG_CRYPTO_AKCIPHER=y
CONFIG_CRYPTO_KPP2=y
CONFIG_CRYPTO_KPP=m
CONFIG_CRYPTO_ACOMP2=y
-CONFIG_CRYPTO_RSA=m
+CONFIG_CRYPTO_RSA=y
CONFIG_CRYPTO_DH=m
CONFIG_CRYPTO_ECDH=m
CONFIG_CRYPTO_MANAGER=y
CONFIG_CRYPTO_SHA256_MB=m
CONFIG_CRYPTO_SHA512_MB=m
CONFIG_CRYPTO_SHA256=y
-CONFIG_CRYPTO_SHA512=m
+CONFIG_CRYPTO_SHA512=y
CONFIG_CRYPTO_SHA3=m
CONFIG_CRYPTO_TGR192=m
CONFIG_CRYPTO_WP512=m
CONFIG_CRYPTO_USER_API_SKCIPHER=y
CONFIG_CRYPTO_USER_API_RNG=m
CONFIG_CRYPTO_USER_API_AEAD=m
+CONFIG_CRYPTO_HASH_INFO=y
CONFIG_CRYPTO_HW=y
CONFIG_CRYPTO_DEV_PADLOCK=m
CONFIG_CRYPTO_DEV_PADLOCK_AES=m
CONFIG_CRYPTO_DEV_NITROX_CNN55XX=m
CONFIG_CRYPTO_DEV_CHELSIO=m
CONFIG_CRYPTO_DEV_VIRTIO=m
-# CONFIG_ASYMMETRIC_KEY_TYPE is not set
+CONFIG_ASYMMETRIC_KEY_TYPE=y
+CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y
+CONFIG_X509_CERTIFICATE_PARSER=y
+CONFIG_PKCS7_MESSAGE_PARSER=y
+# CONFIG_PKCS7_TEST_KEY is not set
+# CONFIG_SIGNED_PE_FILE_VERIFICATION is not set
#
# Certificates for signature checking
#
+CONFIG_MODULE_SIG_KEY="certs/signing_key.pem"
+CONFIG_SYSTEM_TRUSTED_KEYRING=y
+CONFIG_SYSTEM_TRUSTED_KEYS=""
+# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
+# CONFIG_SECONDARY_TRUSTED_KEYRING is not set
# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
CONFIG_HAVE_KVM=y
CONFIG_HAVE_KVM_IRQCHIP=y
CONFIG_CORDIC=m
# CONFIG_DDR is not set
CONFIG_IRQ_POLL=y
-CONFIG_MPILIB=m
-CONFIG_OID_REGISTRY=m
+CONFIG_MPILIB=y
+CONFIG_OID_REGISTRY=y
CONFIG_UCS2_STRING=y
CONFIG_FONT_SUPPORT=y
# CONFIG_FONTS is not set
--- /dev/null
+[ req ]
+default_bits = 4096
+distinguished_name = req_distinguished_name
+prompt = no
+string_mask = utf8only
+x509_extensions = myexts
+
+[ req_distinguished_name ]
+O = IPFire.org
+CN = Build time autogenerated kernel key
+emailAddress = development@lists.ipfire.org
+
+[ myexts ]
+basicConstraints=critical,CA:FALSE
+keyUsage=digitalSignature
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid
#lib/modules/KVER-ipfire/build/certs
#lib/modules/KVER-ipfire/build/certs/Kconfig
#lib/modules/KVER-ipfire/build/certs/Makefile
+#lib/modules/KVER-ipfire/build/certs/signing_key.pem
+#lib/modules/KVER-ipfire/build/certs/signing_key.x509
#lib/modules/KVER-ipfire/build/crypto
#lib/modules/KVER-ipfire/build/crypto/Kconfig
#lib/modules/KVER-ipfire/build/crypto/Makefile
#lib/modules/KVER-ipfire/build/include/config/asus/nb/wmi.h
#lib/modules/KVER-ipfire/build/include/config/asus/wireless.h
#lib/modules/KVER-ipfire/build/include/config/asus/wmi.h
+#lib/modules/KVER-ipfire/build/include/config/asymmetric
+#lib/modules/KVER-ipfire/build/include/config/asymmetric/key
+#lib/modules/KVER-ipfire/build/include/config/asymmetric/key/type.h
+#lib/modules/KVER-ipfire/build/include/config/asymmetric/public
+#lib/modules/KVER-ipfire/build/include/config/asymmetric/public/key
+#lib/modules/KVER-ipfire/build/include/config/asymmetric/public/key/subtype.h
#lib/modules/KVER-ipfire/build/include/config/async
#lib/modules/KVER-ipfire/build/include/config/async/core.h
#lib/modules/KVER-ipfire/build/include/config/async/memcpy.h
#lib/modules/KVER-ipfire/build/include/config/crypto/glue
#lib/modules/KVER-ipfire/build/include/config/crypto/glue/helper
#lib/modules/KVER-ipfire/build/include/config/crypto/glue/helper/x86.h
+#lib/modules/KVER-ipfire/build/include/config/crypto/hash
#lib/modules/KVER-ipfire/build/include/config/crypto/hash.h
+#lib/modules/KVER-ipfire/build/include/config/crypto/hash/info.h
#lib/modules/KVER-ipfire/build/include/config/crypto/hash2.h
#lib/modules/KVER-ipfire/build/include/config/crypto/hmac.h
#lib/modules/KVER-ipfire/build/include/config/crypto/hw.h
#lib/modules/KVER-ipfire/build/include/config/module/compress
#lib/modules/KVER-ipfire/build/include/config/module/compress.h
#lib/modules/KVER-ipfire/build/include/config/module/compress/xz.h
+#lib/modules/KVER-ipfire/build/include/config/module/sig
+#lib/modules/KVER-ipfire/build/include/config/module/sig.h
+#lib/modules/KVER-ipfire/build/include/config/module/sig/all.h
+#lib/modules/KVER-ipfire/build/include/config/module/sig/force.h
+#lib/modules/KVER-ipfire/build/include/config/module/sig/hash.h
+#lib/modules/KVER-ipfire/build/include/config/module/sig/key.h
+#lib/modules/KVER-ipfire/build/include/config/module/sig/sha512.h
#lib/modules/KVER-ipfire/build/include/config/module/srcversion
#lib/modules/KVER-ipfire/build/include/config/module/srcversion/all.h
#lib/modules/KVER-ipfire/build/include/config/module/unload.h
#lib/modules/KVER-ipfire/build/include/config/pinctrl/lewisburg.h
#lib/modules/KVER-ipfire/build/include/config/pinctrl/mcp23s08.h
#lib/modules/KVER-ipfire/build/include/config/pinmux.h
+#lib/modules/KVER-ipfire/build/include/config/pkcs7
+#lib/modules/KVER-ipfire/build/include/config/pkcs7/message
+#lib/modules/KVER-ipfire/build/include/config/pkcs7/message/parser.h
+#lib/modules/KVER-ipfire/build/include/config/pkcs7/test
+#lib/modules/KVER-ipfire/build/include/config/pkcs7/test/key.h
#lib/modules/KVER-ipfire/build/include/config/plx
#lib/modules/KVER-ipfire/build/include/config/plx/hermes.h
#lib/modules/KVER-ipfire/build/include/config/pm
#lib/modules/KVER-ipfire/build/include/config/sysfs
#lib/modules/KVER-ipfire/build/include/config/sysfs.h
#lib/modules/KVER-ipfire/build/include/config/sysfs/syscall.h
+#lib/modules/KVER-ipfire/build/include/config/system
+#lib/modules/KVER-ipfire/build/include/config/system/data
+#lib/modules/KVER-ipfire/build/include/config/system/data/verification.h
+#lib/modules/KVER-ipfire/build/include/config/system/trusted
+#lib/modules/KVER-ipfire/build/include/config/system/trusted/keyring.h
+#lib/modules/KVER-ipfire/build/include/config/system/trusted/keys.h
#lib/modules/KVER-ipfire/build/include/config/sysvipc
#lib/modules/KVER-ipfire/build/include/config/sysvipc.h
#lib/modules/KVER-ipfire/build/include/config/sysvipc/sysctl.h
#lib/modules/KVER-ipfire/build/include/config/wlcore/sdio.h
#lib/modules/KVER-ipfire/build/include/config/wmi
#lib/modules/KVER-ipfire/build/include/config/wmi/bmof.h
+#lib/modules/KVER-ipfire/build/include/config/x509
+#lib/modules/KVER-ipfire/build/include/config/x509/certificate
+#lib/modules/KVER-ipfire/build/include/config/x509/certificate/parser.h
#lib/modules/KVER-ipfire/build/include/config/x86
#lib/modules/KVER-ipfire/build/include/config/x86.h
#lib/modules/KVER-ipfire/build/include/config/x86/32
#lib/modules/KVER-ipfire/build/scripts/dtc/util.h
#lib/modules/KVER-ipfire/build/scripts/dtc/version_gen.h
#lib/modules/KVER-ipfire/build/scripts/export_report.pl
+#lib/modules/KVER-ipfire/build/scripts/extract-cert
#lib/modules/KVER-ipfire/build/scripts/extract-cert.c
#lib/modules/KVER-ipfire/build/scripts/extract-ikconfig
#lib/modules/KVER-ipfire/build/scripts/extract-module-sig.pl
#lib/modules/KVER-ipfire/build/scripts/selinux/mdp/mdp.c
#lib/modules/KVER-ipfire/build/scripts/setlocalversion
#lib/modules/KVER-ipfire/build/scripts/show_delta
+#lib/modules/KVER-ipfire/build/scripts/sign-file
#lib/modules/KVER-ipfire/build/scripts/sign-file.c
#lib/modules/KVER-ipfire/build/scripts/sortextable
#lib/modules/KVER-ipfire/build/scripts/sortextable.c
#lib/modules/KVER-ipfire/kernel/crypto/ansi_cprng.ko.xz
#lib/modules/KVER-ipfire/kernel/crypto/anubis.ko.xz
#lib/modules/KVER-ipfire/kernel/crypto/arc4.ko.xz
+#lib/modules/KVER-ipfire/kernel/crypto/asymmetric_keys
+#lib/modules/KVER-ipfire/kernel/crypto/asymmetric_keys/pkcs7_test_key.ko.xz
#lib/modules/KVER-ipfire/kernel/crypto/async_tx
#lib/modules/KVER-ipfire/kernel/crypto/async_tx/async_memcpy.ko.xz
#lib/modules/KVER-ipfire/kernel/crypto/async_tx/async_pq.ko.xz
#lib/modules/KVER-ipfire/kernel/crypto/rmd160.ko.xz
#lib/modules/KVER-ipfire/kernel/crypto/rmd256.ko.xz
#lib/modules/KVER-ipfire/kernel/crypto/rmd320.ko.xz
-#lib/modules/KVER-ipfire/kernel/crypto/rsa_generic.ko.xz
#lib/modules/KVER-ipfire/kernel/crypto/salsa20_generic.ko.xz
#lib/modules/KVER-ipfire/kernel/crypto/seed.ko.xz
#lib/modules/KVER-ipfire/kernel/crypto/serpent_generic.ko.xz
#lib/modules/KVER-ipfire/kernel/crypto/sha3_generic.ko.xz
-#lib/modules/KVER-ipfire/kernel/crypto/sha512_generic.ko.xz
#lib/modules/KVER-ipfire/kernel/crypto/tcrypt.ko.xz
#lib/modules/KVER-ipfire/kernel/crypto/tea.ko.xz
#lib/modules/KVER-ipfire/kernel/crypto/tgr192.ko.xz
#lib/modules/KVER-ipfire/kernel/lib/842
#lib/modules/KVER-ipfire/kernel/lib/842/842_compress.ko.xz
#lib/modules/KVER-ipfire/kernel/lib/842/842_decompress.ko.xz
-#lib/modules/KVER-ipfire/kernel/lib/asn1_decoder.ko.xz
#lib/modules/KVER-ipfire/kernel/lib/cordic.ko.xz
#lib/modules/KVER-ipfire/kernel/lib/crc-itu-t.ko.xz
#lib/modules/KVER-ipfire/kernel/lib/crc7.ko.xz
#lib/modules/KVER-ipfire/kernel/lib/lz4/lz4hc_compress.ko.xz
#lib/modules/KVER-ipfire/kernel/lib/lzo
#lib/modules/KVER-ipfire/kernel/lib/lzo/lzo_compress.ko.xz
-#lib/modules/KVER-ipfire/kernel/lib/mpi
-#lib/modules/KVER-ipfire/kernel/lib/mpi/mpi.ko.xz
-#lib/modules/KVER-ipfire/kernel/lib/oid_registry.ko.xz
#lib/modules/KVER-ipfire/kernel/lib/parman.ko.xz
#lib/modules/KVER-ipfire/kernel/lib/raid6
#lib/modules/KVER-ipfire/kernel/lib/raid6/raid6_pq.ko.xz
#lib/modules/KVER-ipfire-pae/build/certs
#lib/modules/KVER-ipfire-pae/build/certs/Kconfig
#lib/modules/KVER-ipfire-pae/build/certs/Makefile
+#lib/modules/KVER-ipfire-pae/build/certs/signing_key.pem
+#lib/modules/KVER-ipfire-pae/build/certs/signing_key.x509
#lib/modules/KVER-ipfire-pae/build/crypto
#lib/modules/KVER-ipfire-pae/build/crypto/Kconfig
#lib/modules/KVER-ipfire-pae/build/crypto/Makefile
#lib/modules/KVER-ipfire-pae/build/include/config/asus/nb/wmi.h
#lib/modules/KVER-ipfire-pae/build/include/config/asus/wireless.h
#lib/modules/KVER-ipfire-pae/build/include/config/asus/wmi.h
+#lib/modules/KVER-ipfire-pae/build/include/config/asymmetric
+#lib/modules/KVER-ipfire-pae/build/include/config/asymmetric/key
+#lib/modules/KVER-ipfire-pae/build/include/config/asymmetric/key/type.h
+#lib/modules/KVER-ipfire-pae/build/include/config/asymmetric/public
+#lib/modules/KVER-ipfire-pae/build/include/config/asymmetric/public/key
+#lib/modules/KVER-ipfire-pae/build/include/config/asymmetric/public/key/subtype.h
#lib/modules/KVER-ipfire-pae/build/include/config/async
#lib/modules/KVER-ipfire-pae/build/include/config/async/core.h
#lib/modules/KVER-ipfire-pae/build/include/config/async/memcpy.h
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/glue
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/glue/helper
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/glue/helper/x86.h
+#lib/modules/KVER-ipfire-pae/build/include/config/crypto/hash
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/hash.h
+#lib/modules/KVER-ipfire-pae/build/include/config/crypto/hash/info.h
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/hash2.h
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/hmac.h
#lib/modules/KVER-ipfire-pae/build/include/config/crypto/hw.h
#lib/modules/KVER-ipfire-pae/build/include/config/module/compress
#lib/modules/KVER-ipfire-pae/build/include/config/module/compress.h
#lib/modules/KVER-ipfire-pae/build/include/config/module/compress/xz.h
+#lib/modules/KVER-ipfire-pae/build/include/config/module/sig
+#lib/modules/KVER-ipfire-pae/build/include/config/module/sig.h
+#lib/modules/KVER-ipfire-pae/build/include/config/module/sig/all.h
+#lib/modules/KVER-ipfire-pae/build/include/config/module/sig/force.h
+#lib/modules/KVER-ipfire-pae/build/include/config/module/sig/hash.h
+#lib/modules/KVER-ipfire-pae/build/include/config/module/sig/key.h
+#lib/modules/KVER-ipfire-pae/build/include/config/module/sig/sha512.h
#lib/modules/KVER-ipfire-pae/build/include/config/module/srcversion
#lib/modules/KVER-ipfire-pae/build/include/config/module/srcversion/all.h
#lib/modules/KVER-ipfire-pae/build/include/config/module/unload.h
#lib/modules/KVER-ipfire-pae/build/include/config/pinctrl/lewisburg.h
#lib/modules/KVER-ipfire-pae/build/include/config/pinctrl/mcp23s08.h
#lib/modules/KVER-ipfire-pae/build/include/config/pinmux.h
+#lib/modules/KVER-ipfire-pae/build/include/config/pkcs7
+#lib/modules/KVER-ipfire-pae/build/include/config/pkcs7/message
+#lib/modules/KVER-ipfire-pae/build/include/config/pkcs7/message/parser.h
+#lib/modules/KVER-ipfire-pae/build/include/config/pkcs7/test
+#lib/modules/KVER-ipfire-pae/build/include/config/pkcs7/test/key.h
#lib/modules/KVER-ipfire-pae/build/include/config/plx
#lib/modules/KVER-ipfire-pae/build/include/config/plx/hermes.h
#lib/modules/KVER-ipfire-pae/build/include/config/pm
#lib/modules/KVER-ipfire-pae/build/include/config/sysfs
#lib/modules/KVER-ipfire-pae/build/include/config/sysfs.h
#lib/modules/KVER-ipfire-pae/build/include/config/sysfs/syscall.h
+#lib/modules/KVER-ipfire-pae/build/include/config/system
+#lib/modules/KVER-ipfire-pae/build/include/config/system/data
+#lib/modules/KVER-ipfire-pae/build/include/config/system/data/verification.h
+#lib/modules/KVER-ipfire-pae/build/include/config/system/trusted
+#lib/modules/KVER-ipfire-pae/build/include/config/system/trusted/keyring.h
+#lib/modules/KVER-ipfire-pae/build/include/config/system/trusted/keys.h
#lib/modules/KVER-ipfire-pae/build/include/config/sysvipc
#lib/modules/KVER-ipfire-pae/build/include/config/sysvipc.h
#lib/modules/KVER-ipfire-pae/build/include/config/sysvipc/sysctl.h
#lib/modules/KVER-ipfire-pae/build/include/config/wlcore/sdio.h
#lib/modules/KVER-ipfire-pae/build/include/config/wmi
#lib/modules/KVER-ipfire-pae/build/include/config/wmi/bmof.h
+#lib/modules/KVER-ipfire-pae/build/include/config/x509
+#lib/modules/KVER-ipfire-pae/build/include/config/x509/certificate
+#lib/modules/KVER-ipfire-pae/build/include/config/x509/certificate/parser.h
#lib/modules/KVER-ipfire-pae/build/include/config/x86
#lib/modules/KVER-ipfire-pae/build/include/config/x86.h
#lib/modules/KVER-ipfire-pae/build/include/config/x86/32
#lib/modules/KVER-ipfire-pae/build/scripts/dtc/util.h
#lib/modules/KVER-ipfire-pae/build/scripts/dtc/version_gen.h
#lib/modules/KVER-ipfire-pae/build/scripts/export_report.pl
+#lib/modules/KVER-ipfire-pae/build/scripts/extract-cert
#lib/modules/KVER-ipfire-pae/build/scripts/extract-cert.c
#lib/modules/KVER-ipfire-pae/build/scripts/extract-ikconfig
#lib/modules/KVER-ipfire-pae/build/scripts/extract-module-sig.pl
#lib/modules/KVER-ipfire-pae/build/scripts/selinux/mdp/mdp.c
#lib/modules/KVER-ipfire-pae/build/scripts/setlocalversion
#lib/modules/KVER-ipfire-pae/build/scripts/show_delta
+#lib/modules/KVER-ipfire-pae/build/scripts/sign-file
#lib/modules/KVER-ipfire-pae/build/scripts/sign-file.c
#lib/modules/KVER-ipfire-pae/build/scripts/sortextable
#lib/modules/KVER-ipfire-pae/build/scripts/sortextable.c
#lib/modules/KVER-ipfire-pae/kernel/crypto/ansi_cprng.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/crypto/anubis.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/crypto/arc4.ko.xz
+#lib/modules/KVER-ipfire-pae/kernel/crypto/asymmetric_keys
+#lib/modules/KVER-ipfire-pae/kernel/crypto/asymmetric_keys/pkcs7_test_key.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/crypto/async_tx
#lib/modules/KVER-ipfire-pae/kernel/crypto/async_tx/async_memcpy.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/crypto/async_tx/async_pq.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/crypto/rmd160.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/crypto/rmd256.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/crypto/rmd320.ko.xz
-#lib/modules/KVER-ipfire-pae/kernel/crypto/rsa_generic.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/crypto/salsa20_generic.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/crypto/seed.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/crypto/serpent_generic.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/crypto/sha3_generic.ko.xz
-#lib/modules/KVER-ipfire-pae/kernel/crypto/sha512_generic.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/crypto/tcrypt.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/crypto/tea.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/crypto/tgr192.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/lib/842
#lib/modules/KVER-ipfire-pae/kernel/lib/842/842_compress.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/lib/842/842_decompress.ko.xz
-#lib/modules/KVER-ipfire-pae/kernel/lib/asn1_decoder.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/lib/cordic.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/lib/crc-itu-t.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/lib/crc4.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/lib/lz4/lz4hc_compress.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/lib/lzo
#lib/modules/KVER-ipfire-pae/kernel/lib/lzo/lzo_compress.ko.xz
-#lib/modules/KVER-ipfire-pae/kernel/lib/mpi
-#lib/modules/KVER-ipfire-pae/kernel/lib/mpi/mpi.ko.xz
-#lib/modules/KVER-ipfire-pae/kernel/lib/oid_registry.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/lib/parman.ko.xz
#lib/modules/KVER-ipfire-pae/kernel/lib/raid6
#lib/modules/KVER-ipfire-pae/kernel/lib/raid6/raid6_pq.ko.xz
cd $(DIR_APP) && make clean
cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =.*/EXTRAVERSION\ =\ -$(VERSUFIX)/' Makefile
+ # Copy Module signing key configuration
+ cp -f $(DIR_SRC)/config/kernel/x509.genkey $(DIR_APP)/certs/x509.genkey
+
# Remove modules folder if exists
rm -rf /lib/modules/$(VER)-$(VERSUFIX)
cd $(DIR_APP) && cp -a --parents arch/$(HEADERS_ARCH)/include /lib/modules/$(VER)-$(VERSUFIX)/build
cd $(DIR_APP) && cp -a include /lib/modules/$(VER)-$(VERSUFIX)/build/include
+ # Copy module signing key for off tree modules
+ cd $(DIR_APP) && cp -f certs/signing_key.* /lib/modules/$(VER)-$(VERSUFIX)/build/certs/
+
# Install objtool
cd $(DIR_APP) && cp -a tools/objtool/objtool \
/lib/modules/$(VER)-$(VERSUFIX)/build/tools/objtool/ || :
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2020 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
cd $(DIR_APP) && make $(MAKETUNING)
# Install the built kernel modules.
+ mkdir -p $(MODPATH)
cd $(DIR_APP) && for f in $$(ls extensions/*.ko); do \
- mkdir -p $(MODPATH); \
- install -m 644 $$f $(MODPATH); \
+ /lib/modules/$$(uname -r)$(KCFG)/build/scripts/sign-file sha512 \
+ /lib/modules/$$(uname -r)$(KCFG)/build/certs/signing_key.pem \
+ /lib/modules/$$(uname -r)$(KCFG)/build/certs/signing_key.x509 \
+ $$f; \
+ xz $$f; \
+ install -m 644 $$f.xz $(MODPATH); \
done
endif