Looking for feedback on CONFIG_MODULE_HASHES for Linux
Thomas Weißschuh
thomas at t-8ch.de
Thu Nov 13 20:10:58 UTC 2025
Hi everyone,
I am the author of the CONFIG_MODULE_HASHES patchset [0] for the Linux kernel
which aims to enable reproducible kernel packages for Linux distributions.
My goal is to reignite development and continue with the upstream process.
To have a better base to argue with I'd like to get some confirmation that
distributions have looked at the patches and do intent to adapt this scheme when
it is available in the mainline kernel. That should help me get some leverage
with the upstream maintainers.
The current form of the patches can be found at [1], they are only slightly
adapted from the previous submission to LKML. Remaining open topics before the
next submission are proper IMA support and stripping of modules.
Future changes may introduce more hash algorithms and performance improvements,
but these should not be relvant for now.
So if you are packaging Linux for your distribution, have looked at my patches
and are eager to use them, please let me know. My plan is to talk with the
upstream maintainers at the upcoming Linux Plumbers Conference on 11th of December.
Thanks,
Thomas
[0] https://lore.kernel.org/lkml/20250429-module-hashes-v3-0-00e9258def9e@weissschuh.net/
[1] https://git.kernel.org/pub/scm/linux/kernel/git/thomas.weissschuh/linux.git/log/?h=b4/module-hashes
More information about the rb-general
mailing list