aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRusty Russell2012-10-18 20:23:15 -0500
committerLinus Torvalds2012-10-19 10:27:43 -0500
commite2a666d52b4825c26c857cada211f3baac26a600 (patch)
treeb7e91bd10e8c1b2932ffd1716fde3abccd7c4dd8 /Makefile
parentc9623de4fc2f8320fe94316b46171683be3b1d59 (diff)
downloadam43-linux-kernel-e2a666d52b4825c26c857cada211f3baac26a600.tar.gz
am43-linux-kernel-e2a666d52b4825c26c857cada211f3baac26a600.tar.xz
am43-linux-kernel-e2a666d52b4825c26c857cada211f3baac26a600.zip
kbuild: sign the modules at install time
Linus deleted the old code and put signing on the install command, I fixed it to extract the keyid and signer-name within sign-file and cleaned up that script now it always signs in-place. Some enthusiast should convert sign-key to perl and pull x509keyid into it. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'Makefile')
-rw-r--r--Makefile11
1 files changed, 11 insertions, 0 deletions
diff --git a/Makefile b/Makefile
index 366d0ab0c5f..4fd82f7fc0b 100644
--- a/Makefile
+++ b/Makefile
@@ -719,6 +719,17 @@ endif # INSTALL_MOD_STRIP
719export mod_strip_cmd 719export mod_strip_cmd
720 720
721 721
722ifeq ($(CONFIG_MODULE_SIG),y)
723MODSECKEY = ./signing_key.priv
724MODPUBKEY = ./signing_key.x509
725export MODPUBKEY
726mod_sign_cmd = sh $(srctree)/scripts/sign-file $(MODSECKEY) $(MODPUBKEY) $(srctree)/scripts/x509keyid
727else
728mod_sign_cmd = true
729endif
730export mod_sign_cmd
731
732
722ifeq ($(KBUILD_EXTMOD),) 733ifeq ($(KBUILD_EXTMOD),)
723core-y += kernel/ mm/ fs/ ipc/ security/ crypto/ block/ 734core-y += kernel/ mm/ fs/ ipc/ security/ crypto/ block/
724 735