Patches posted to the Linux kernel mailing list this week seek to remove SHA1 support for signing kernel modules. This is part of the larger industry effort to move away from SHA1, given its vulnerability to hash collisions and the availability of superior hashing algorithms.
SUSE engineer Petr Pavlu sent out the patch set this week to remove SHA1 support for module signing within the Linux kernel. He noted in the patch series:
“SHA-1 is considered deprecated and insecure due to vulnerabilities that can lead to hash collisions. Most distributions have already been using SHA-2 for module signing because of this. The default was also changed last year from SHA-1 to SHA-512 in f3b93547b91a (“module: sign with sha512 instead of sha1 by default”). This was not reported to cause any issues. Therefore, it now seems to be a good time to remove SHA-1 support for module signing.
Looking at the configs of several distributions, it seems only Android still uses SHA-1 for module signing.”
Thus it is fairly straightforward, and a good time, to remove SHA1 support for signing of kernel modules. Google also followed up to say that SHA1 module signing isn’t actually used on Android and that there are no objections to its removal. Android also doesn’t rely on module signing for security but rather just to differentiate between module types.
This patch series removes SHA1 module signing support from the Linux kernel, leaving one less use of the insecure SHA1 in the wild.
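Anyone maintaining their own kernel builds can check whether a config still selects SHA-1 for module signing before this removal lands. The script below is an added example, not part of the patch series or the original article: the function names `module_sig_hash` and `audit_config` are hypothetical and the sample configs are constructed, while the `CONFIG_MODULE_SIG*` symbols are the kernel's own Kconfig options.

```shell
#!/bin/sh
# Added example: report which hash a kernel build config uses for module signing.

# Print "unsigned", "unknown", or the hash name (e.g. sha1, sha512).
module_sig_hash() {
    cfg=$1
    # Without CONFIG_MODULE_SIG=y modules are not signed at build time.
    grep -q '^CONFIG_MODULE_SIG=y$' "$cfg" || { echo unsigned; return 0; }
    # CONFIG_MODULE_SIG_HASH carries the name of the selected digest.
    h=$(sed -n 's/^CONFIG_MODULE_SIG_HASH="\([^"]*\)"$/\1/p' "$cfg" | tail -n 1)
    if [ -z "$h" ]; then
        # Fall back to the choice symbol, e.g. CONFIG_MODULE_SIG_SHA3_256=y.
        h=$(sed -n 's/^CONFIG_MODULE_SIG_\(SHA[0-9_]*\)=y$/\1/p' "$cfg" |
            tail -n 1 | tr 'A-Z_' 'a-z-')
    fi
    echo "${h:-unknown}"
}

# Return 0 when the config is fine, 1 when it still signs with SHA-1,
# 2 when signing is on but the hash could not be determined.
audit_config() {
    h=$(module_sig_hash "$1")
    case $h in
        sha1)     echo "$1: FAIL modules signed with sha1"; return 1 ;;
        unknown)  echo "$1: WARN signing enabled, hash not found"; return 2 ;;
        unsigned) echo "$1: INFO module signing disabled"; return 0 ;;
        *)        echo "$1: OK modules signed with $h"; return 0 ;;
    esac
}

# Constructed sample configs (not taken from any real distribution).
demo_dir=$(mktemp -d)
printf '%s\n' 'CONFIG_MODULES=y' 'CONFIG_MODULE_SIG=y' 'CONFIG_MODULE_SIG_SHA1=y' \
    'CONFIG_MODULE_SIG_HASH="sha1"' > "$demo_dir/legacy.config"
printf '%s\n' 'CONFIG_MODULES=y' 'CONFIG_MODULE_SIG=y' 'CONFIG_MODULE_SIG_SHA512=y' \
    'CONFIG_MODULE_SIG_HASH="sha512"' > "$demo_dir/current.config"
printf '%s\n' 'CONFIG_MODULES=y' '# CONFIG_MODULE_SIG is not set' \
    > "$demo_dir/unsigned.config"

for f in "$demo_dir"/*.config; do
    audit_config "$f" || true   # keep going so every config is reported
done
rm -rf "$demo_dir"
```

To audit a real build, call `audit_config` on the config file that produced the kernel and treat exit status 1 as a build that needs its signing hash changed.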
