From patchwork Fri Apr 10 00:37:18 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Abelardo Ricart III X-Patchwork-Id: 6191461 Return-Path: X-Original-To: patchwork-linux-kbuild@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork1.web.kernel.org (Postfix) with ESMTP id D25A69F349 for ; Fri, 10 Apr 2015 00:37:23 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id EEFBB2035E for ; Fri, 10 Apr 2015 00:37:22 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 08F6C2035D for ; Fri, 10 Apr 2015 00:37:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753307AbbDJAhV (ORCPT ); Thu, 9 Apr 2015 20:37:21 -0400 Received: from 66.63.173.11.static.quadranet.com ([66.63.173.11]:49470 "EHLO q1.ich-9.com" rhost-flags-OK-FAIL-OK-FAIL) by vger.kernel.org with ESMTP id S1752908AbbDJAhU (ORCPT ); Thu, 9 Apr 2015 20:37:20 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=memnix.com; s=default; h=Content-Transfer-Encoding:Mime-Version:Content-Type:Date:Cc:To:From:Subject:Message-ID; bh=kZHIe+cCKAS7ogTspRkggP21U/v/Lnq3KVN3xb6cn4A=; b=hxHARYfpat8WNXElL/bQnBSvQ0H3UpvDSI6fH95FrHlwEVYdZWjbyr3xa7VhZvi0qaEzCv5lLaWhyMuzsTZFd7T/SeyT68UgQ5li/m5LOy2hPeBFSCt3pLUps/ytaTZv64Qjf6B8cKJUyPKBG90P6z72TefCptfQwtq4IB34EQQ=; Received: from [50.48.200.118] (port=56284 helo=degrade) by q1.ich-9.com with esmtpsa (TLSv1.2:AES128-GCM-SHA256:128) (Exim 4.85) (envelope-from ) id 1YgMwh-004Bb7-Tr; Thu, 09 Apr 2015 17:37:20 -0700 Message-ID: <1428626238.3789.0.camel@memnix.com> Subject: [PATCHv2 RFC 1/1] Explicit check for existing X.509 module signing keypair From: Abelardo Ricart III To: linux-kbuild@vger.kernel.org Cc: mmarek@suse.cz Date: Thu, 09 Apr 2015 20:37:18 -0400 X-Mailer: Evolution 3.16.0 Mime-Version: 1.0 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - q1.ich-9.com X-AntiAbuse: Original Domain - vger.kernel.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - memnix.com X-Get-Message-Sender-Via: q1.ich-9.com: authenticated_id: aricart@memnix.com Sender: linux-kbuild-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kbuild@vger.kernel.org X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,T_DKIM_INVALID,T_RP_MATCHES_RCVD,UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The module-signing.txt documentation states that the kernel will use an existing x.509 key pair for module signing should they exist in the root of the source tree. However, user provided signing keys are unexpectedly overwritten during build if the last-modified times on the key pair are older than the "x509.genkey" target dependency. This fix stops this unexpected behavior, and warns if the key pair was not found. Signed-off-by: Abelardo Ricart III --- -- To unsubscribe from this list: send the line "unsubscribe linux-kbuild" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/kernel/Makefile b/kernel/Makefile index 1408b33..10c8df0 100644 --- a/kernel/Makefile +++ b/kernel/Makefile @@ -168,7 +168,8 @@ ifndef CONFIG_MODULE_SIG_HASH $(error Could not determine digest type to use from kernel config) endif -signing_key.priv signing_key.x509: x509.genkey +signing_key.priv signing_key.x509: | x509.genkey + $(warning *** X.509 module signing key pair not found in root of source tree ***) @echo "###" @echo "### Now generating an X.509 key pair to be used for signing modules." @echo "###"