| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Dec 2021 14:07:50 +0100
From: Nicolas Schier <n.schier@....de>
To: Masahiro Yamada <masahiroy@...nel.org>
Cc: linux-kbuild@...r.kernel.org,
Michal Simek <michal.simek@...inx.com>,
linux-arch@...r.kernel.org, linux-kernel@...r.kernel.org,
David Howells <dhowells@...hat.com>,
David Woodhouse <dwmw2@...radead.org>,
keyrings@...r.kernel.org, Richard Weinberger <richard@....at>
Subject: Re: [PATCH 02/10] certs: unify duplicated cmd_extract_certs and
improve the log
On Mon, Dec 13, 2021 at 04:29:33AM +0900, Masahiro Yamada wrote:
> cmd_extract_certs is defined twice. Unify them.
>
> The current log shows the input file $(2), which might be empty.
> You cannot know what is being created from the log, "EXTRACT_CERTS".
>
> Change the log to show the output file with better alignment.
>
> [Before]
>
> EXTRACT_CERTS certs/signing_key.pem
> CC certs/system_keyring.o
> EXTRACT_CERTS
> AS certs/system_certificates.o
> CC certs/common.o
> CC certs/blacklist.o
> EXTRACT_CERTS
> AS certs/revocation_certificates.o
>
> [After]
>
> CERT certs/signing_key.x509
> CC certs/system_keyring.o
> CERT certs/x509_certificate_list
> AS certs/system_certificates.o
> CC certs/common.o
> CC certs/blacklist.o
> CERT certs/x509_revocation_list
> AS certs/revocation_certificates.o
>
> Signed-off-by: Masahiro Yamada <masahiroy@...nel.org>
> ---
Reviewed-by: Nicolas Schier <n.schier@....de>
>
> certs/Makefile | 9 +++------
> 1 file changed, 3 insertions(+), 6 deletions(-)
>
> diff --git a/certs/Makefile b/certs/Makefile
> index 97fd6cc02972..945e53d90d38 100644
> --- a/certs/Makefile
> +++ b/certs/Makefile
> @@ -12,6 +12,9 @@ else
> obj-$(CONFIG_SYSTEM_BLACKLIST_KEYRING) += blacklist_nohashes.o
> endif
>
> +quiet_cmd_extract_certs = CERT $@
> + cmd_extract_certs = scripts/extract-cert $(2) $@
> +
> ifeq ($(CONFIG_SYSTEM_TRUSTED_KEYRING),y)
>
> $(eval $(call config_filename,SYSTEM_TRUSTED_KEYS))
> @@ -22,9 +25,6 @@ $(obj)/system_certificates.o: $(obj)/x509_certificate_list
> # Cope with signing_key.x509 existing in $(srctree) not $(objtree)
> AFLAGS_system_certificates.o := -I$(srctree)
>
> -quiet_cmd_extract_certs = EXTRACT_CERTS $(patsubst "%",%,$(2))
> - cmd_extract_certs = scripts/extract-cert $(2) $@
> -
> targets += x509_certificate_list
> $(obj)/x509_certificate_list: scripts/extract-cert $(SYSTEM_TRUSTED_KEYS_SRCPREFIX)$(SYSTEM_TRUSTED_KEYS_FILENAME) FORCE
> $(call if_changed,extract_certs,$(SYSTEM_TRUSTED_KEYS_SRCPREFIX)$(CONFIG_SYSTEM_TRUSTED_KEYS))
> @@ -98,9 +98,6 @@ $(eval $(call config_filename,SYSTEM_REVOCATION_KEYS))
>
> $(obj)/revocation_certificates.o: $(obj)/x509_revocation_list
>
> -quiet_cmd_extract_certs = EXTRACT_CERTS $(patsubst "%",%,$(2))
> - cmd_extract_certs = scripts/extract-cert $(2) $@
> -
> targets += x509_revocation_list
> $(obj)/x509_revocation_list: scripts/extract-cert $(SYSTEM_REVOCATION_KEYS_SRCPREFIX)$(SYSTEM_REVOCATION_KEYS_FILENAME) FORCE
> $(call if_changed,extract_certs,$(SYSTEM_REVOCATION_KEYS_SRCPREFIX)$(CONFIG_SYSTEM_REVOCATION_KEYS))
> --
> 2.32.0
>
Powered by blists - more mailing lists