[gentoo-dev] [PATCH 1/1] kernel-build.eclass: add missing dependency on openssl

Andrew Ammerlaan Sat, 19 Aug 2023 03:07:36 -0700

From the kernel `make nconfig` description:

```
Module signature verification (MODULE_SIG)


CONFIG_MODULE_SIG:

Check modules for valid signatures upon load: the signature
is simply appended to the module. For more information see
<file:Documentation/admin-guide/module-signing.rst>.

Note that this option adds the OpenSSL development packages as a
kernel build dependency so that the signing tool can use its crypto
library.
```

This patch adds the missing build dependency.

Best regards,
Andrew

diff --git a/eclass/kernel-build.eclass b/eclass/kernel-build.eclass
index 276a08a104e0..3bcb345a0c9b 100644
--- a/eclass/kernel-build.eclass
+++ b/eclass/kernel-build.eclass
@@ -92,6 +92,9 @@ IUSE="+strip"
 if [[ ${KERNEL_IUSE_MODULES_SIGN} ]]; then
        IUSE+=" modules-sign"
        REQUIRED_USE="secureboot? ( modules-sign )"
+       BDEPEND+="
+               modules-sign? ( dev-libs/openssl )
+       "
 fi

 # @FUNCTION: kernel-build_pkg_setup

[gentoo-dev] [PATCH 1/1] kernel-build.eclass: add missing dependency on openssl

Reply via email to