| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Dec 2021 11:53:54 +0900
From: Masahiro Yamada <masahiroy@...nel.org>
To: linux-kbuild@...r.kernel.org
Cc: linux-kernel@...r.kernel.org,
Michal Simek <michal.simek@...inx.com>,
linux-arch@...r.kernel.org, David Howells <dhowells@...hat.com>,
David Woodhouse <dwmw2@...radead.org>,
keyrings@...r.kernel.org, Richard Weinberger <richard@....at>,
Nicolas Schier <n.schier@....de>,
Masahiro Yamada <masahiroy@...nel.org>
Subject: [PATCH v2 10/11] certs: move scripts/extract-cert to certs/
extract-cert is only used in certs/Makefile.
Move it there and build extract-cert on demand.
Signed-off-by: Masahiro Yamada <masahiroy@...nel.org>
---
Changes in v2:
- new patch
MAINTAINERS | 1 -
certs/.gitignore | 1 +
certs/Makefile | 13 +++++++++----
{scripts => certs}/extract-cert.c | 2 +-
scripts/.gitignore | 1 -
scripts/Makefile | 11 ++---------
scripts/remove-stale-files | 2 ++
7 files changed, 15 insertions(+), 16 deletions(-)
rename {scripts => certs}/extract-cert.c (98%)
diff --git a/MAINTAINERS b/MAINTAINERS
index 360e9aa0205d..f321ddbb1ab0 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -4410,7 +4410,6 @@ L: keyrings@...r.kernel.org
S: Maintained
F: Documentation/admin-guide/module-signing.rst
F: certs/
-F: scripts/extract-cert.c
F: scripts/sign-file.c
CFAG12864B LCD DRIVER
diff --git a/certs/.gitignore b/certs/.gitignore
index 8c3763f80be3..9e42fe3e02f5 100644
--- a/certs/.gitignore
+++ b/certs/.gitignore
@@ -1,3 +1,4 @@
# SPDX-License-Identifier: GPL-2.0-only
+/extract-cert
/x509_certificate_list
/x509_revocation_list
diff --git a/certs/Makefile b/certs/Makefile
index 7b48445d71f6..f7041c29a2e0 100644
--- a/certs/Makefile
+++ b/certs/Makefile
@@ -13,11 +13,11 @@ obj-$(CONFIG_SYSTEM_BLACKLIST_KEYRING) += blacklist_nohashes.o
endif
quiet_cmd_extract_certs = CERT $@
- cmd_extract_certs = scripts/extract-cert $(2) $@
+ cmd_extract_certs = $(obj)/extract-cert $(2) $@
$(obj)/system_certificates.o: $(obj)/x509_certificate_list
-$(obj)/x509_certificate_list: $(CONFIG_SYSTEM_TRUSTED_KEYS) scripts/extract-cert FORCE
+$(obj)/x509_certificate_list: $(CONFIG_SYSTEM_TRUSTED_KEYS) $(obj)/extract-cert FORCE
$(call if_changed,extract_certs,$(if $(CONFIG_SYSTEM_TRUSTED_KEYS),$<,""))
targets += x509_certificate_list
@@ -74,7 +74,7 @@ endif
$(obj)/system_certificates.o: $(obj)/signing_key.x509
-$(obj)/signing_key.x509: $(X509_DEP) scripts/extract-cert FORCE
+$(obj)/signing_key.x509: $(X509_DEP) $(obj)/extract-cert FORCE
$(call if_changed,extract_certs,$(if $(X509_DEP),$<,$(CONFIG_MODULE_SIG_KEY)))
endif # CONFIG_MODULE_SIG
@@ -82,7 +82,12 @@ targets += signing_key.x509
$(obj)/revocation_certificates.o: $(obj)/x509_revocation_list
-$(obj)/x509_revocation_list: $(CONFIG_SYSTEM_REVOCATION_KEYS) scripts/extract-cert FORCE
+$(obj)/x509_revocation_list: $(CONFIG_SYSTEM_REVOCATION_KEYS) $(obj)/extract-cert FORCE
$(call if_changed,extract_certs,$(if $(CONFIG_SYSTEM_REVOCATION_KEYS),$<,""))
targets += x509_revocation_list
+
+hostprogs := extract-cert
+
+HOSTCFLAGS_extract-cert.o = $(shell pkg-config --cflags libcrypto 2> /dev/null)
+HOSTLDLIBS_extract-cert = $(shell pkg-config --libs libcrypto 2> /dev/null || echo -lcrypto)
diff --git a/scripts/extract-cert.c b/certs/extract-cert.c
similarity index 98%
rename from scripts/extract-cert.c
rename to certs/extract-cert.c
index 3bc48c726c41..f7ef7862f207 100644
--- a/scripts/extract-cert.c
+++ b/certs/extract-cert.c
@@ -29,7 +29,7 @@ static __attribute__((noreturn))
void format(void)
{
fprintf(stderr,
- "Usage: scripts/extract-cert <source> <dest>\n");
+ "Usage: extract-cert <source> <dest>\n");
exit(2);
}
diff --git a/scripts/.gitignore b/scripts/.gitignore
index e83c620ef52c..eed308bef604 100644
--- a/scripts/.gitignore
+++ b/scripts/.gitignore
@@ -1,7 +1,6 @@
# SPDX-License-Identifier: GPL-2.0-only
/asn1_compiler
/bin2c
-/extract-cert
/insert-sys-cert
/kallsyms
/module.lds
diff --git a/scripts/Makefile b/scripts/Makefile
index 9adb6d247818..e198b22dc476 100644
--- a/scripts/Makefile
+++ b/scripts/Makefile
@@ -3,25 +3,18 @@
# scripts contains sources for various helper programs used throughout
# the kernel for the build process.
-CRYPTO_LIBS = $(shell pkg-config --libs libcrypto 2> /dev/null || echo -lcrypto)
-CRYPTO_CFLAGS = $(shell pkg-config --cflags libcrypto 2> /dev/null)
-
hostprogs-always-$(CONFIG_BUILD_BIN2C) += bin2c
hostprogs-always-$(CONFIG_KALLSYMS) += kallsyms
hostprogs-always-$(BUILD_C_RECORDMCOUNT) += recordmcount
hostprogs-always-$(CONFIG_BUILDTIME_TABLE_SORT) += sorttable
hostprogs-always-$(CONFIG_ASN1) += asn1_compiler
hostprogs-always-$(CONFIG_MODULE_SIG_FORMAT) += sign-file
-hostprogs-always-$(CONFIG_SYSTEM_TRUSTED_KEYRING) += extract-cert
hostprogs-always-$(CONFIG_SYSTEM_EXTRA_CERTIFICATE) += insert-sys-cert
-hostprogs-always-$(CONFIG_SYSTEM_REVOCATION_LIST) += extract-cert
HOSTCFLAGS_sorttable.o = -I$(srctree)/tools/include
HOSTCFLAGS_asn1_compiler.o = -I$(srctree)/include
-HOSTCFLAGS_sign-file.o = $(CRYPTO_CFLAGS)
-HOSTLDLIBS_sign-file = $(CRYPTO_LIBS)
-HOSTCFLAGS_extract-cert.o = $(CRYPTO_CFLAGS)
-HOSTLDLIBS_extract-cert = $(CRYPTO_LIBS)
+HOSTCFLAGS_sign-file.o = $(shell pkg-config --cflags libcrypto 2> /dev/null)
+HOSTLDLIBS_sign-file = $(shell pkg-config --libs libcrypto 2> /dev/null || echo -lcrypto)
ifdef CONFIG_UNWINDER_ORC
ifeq ($(ARCH),x86_64)
diff --git a/scripts/remove-stale-files b/scripts/remove-stale-files
index 0114c41e6938..dd230792056a 100755
--- a/scripts/remove-stale-files
+++ b/scripts/remove-stale-files
@@ -34,3 +34,5 @@ if [ -n "${building_out_of_srctree}" ]; then
rm -f arch/mips/boot/compressed/${f}
done
fi
+
+rm -f scripts/extract-cert
--
2.32.0
Powered by blists - more mailing lists