diff options
author | Rusty Russell <rusty@rustcorp.com.au> | 2012-10-19 11:53:15 +1030 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2012-10-19 08:27:43 -0700 |
commit | e2a666d52b4825c26c857cada211f3baac26a600 (patch) | |
tree | b7e91bd10e8c1b2932ffd1716fde3abccd7c4dd8 /Makefile | |
parent | c9623de4fc2f8320fe94316b46171683be3b1d59 (diff) | |
download | linux-stable-e2a666d52b4825c26c857cada211f3baac26a600.tar.gz linux-stable-e2a666d52b4825c26c857cada211f3baac26a600.tar.bz2 linux-stable-e2a666d52b4825c26c857cada211f3baac26a600.zip |
kbuild: sign the modules at install time
Linus deleted the old code and put signing on the install command,
I fixed it to extract the keyid and signer-name within sign-file
and cleaned up that script now it always signs in-place.
Some enthusiast should convert sign-key to perl and pull
x509keyid into it.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'Makefile')
-rw-r--r-- | Makefile | 11 |
1 files changed, 11 insertions, 0 deletions
@@ -719,6 +719,17 @@ endif # INSTALL_MOD_STRIP export mod_strip_cmd +ifeq ($(CONFIG_MODULE_SIG),y) +MODSECKEY = ./signing_key.priv +MODPUBKEY = ./signing_key.x509 +export MODPUBKEY +mod_sign_cmd = sh $(srctree)/scripts/sign-file $(MODSECKEY) $(MODPUBKEY) $(srctree)/scripts/x509keyid +else +mod_sign_cmd = true +endif +export mod_sign_cmd + + ifeq ($(KBUILD_EXTMOD),) core-y += kernel/ mm/ fs/ ipc/ security/ crypto/ block/ |