Bug 1223544 - kernel config: enable CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG
Summary: kernel config: enable CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG
Status: RESOLVED FIXED
Alias: None
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Kernel (show other bugs)
Version: Current
Hardware: Other Other
: P5 - None : Normal (vote)
Target Milestone: ---
Assignee: Coly Li
QA Contact: E-mail List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-04-29 15:13 UTC by Ludwig Nussel
Modified: 2024-06-18 05:57 UTC (History)
5 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ludwig Nussel 2024-04-29 15:13:23 UTC 
Systemd wants to have CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG to enable signed Verity images: https://github.com/systemd/systemd/blob/main/README#L131

Any chance we can enable that (and potentially other settings we missed) in TW kernels to leverage systemd's full potential?
Comment 1 Takashi Iwai 2024-05-03 08:46:25 UTC 
Actually this config has been already enabled on SLE15 since years ago (bsc#1175995,jsc#SLE-15608).

It's just missing on stable/master branch.

Hannes, I suppose we should take it to master/stable branch, too?
Comment 2 Daan De Meyer 2024-05-29 06:42:28 UTC 
Ping?
Comment 3 Coly Li 2024-05-29 16:26:18 UTC 
Let me handle this.
Comment 4 Coly Li 2024-05-29 17:03:59 UTC 
The update of configs for enabling CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG gets submitted into my master/for-next and stable/for-next branches.

Waiting for maintainers to response.
Comment 5 Jiri Slaby 2024-06-18 05:57:45 UTC 
I believe we are done here.