[PATCH 1/4] MODSIGN: Simplify Makefile with a Kconfig helper

Michal Marek Wed, 23 Jan 2013 07:31:55 -0800

Signed-off-by: Michal Marek <mma...@suse.cz>
---
 init/Kconfig    |    9 +++++++++
 kernel/Makefile |   24 ++----------------------
 2 files changed, 11 insertions(+), 22 deletions(-)


diff --git a/init/Kconfig b/init/Kconfig
index 6fdd6e3..ba7d1c1 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -1634,6 +1634,15 @@ config MODULE_SIG_SHA512
 
 endchoice
 
+config MODULE_SIG_HASH
+       string
+       depends on MODULE_SIG
+       default "sha1" if MODULE_SIG_SHA1
+       default "sha224" if MODULE_SIG_SHA224
+       default "sha256" if MODULE_SIG_SHA256
+       default "sha384" if MODULE_SIG_SHA384
+       default "sha512" if MODULE_SIG_SHA512
+
 endif # MODULES
 
 config INIT_ALL_POSSIBLE
diff --git a/kernel/Makefile b/kernel/Makefile
index 86e3285..740bf4c 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -148,26 +148,6 @@ kernel/modsign_pubkey.o: signing_key.x509 
extra_certificates
 # fail and that the kernel may be used afterwards.
 #
 ###############################################################################
-sign_key_with_hash :=
-ifeq ($(CONFIG_MODULE_SIG_SHA1),y)
-sign_key_with_hash := -sha1
-endif
-ifeq ($(CONFIG_MODULE_SIG_SHA224),y)
-sign_key_with_hash := -sha224
-endif
-ifeq ($(CONFIG_MODULE_SIG_SHA256),y)
-sign_key_with_hash := -sha256
-endif
-ifeq ($(CONFIG_MODULE_SIG_SHA384),y)
-sign_key_with_hash := -sha384
-endif
-ifeq ($(CONFIG_MODULE_SIG_SHA512),y)
-sign_key_with_hash := -sha512
-endif
-ifeq ($(sign_key_with_hash),)
-$(error Could not determine digest type to use from kernel config)
-endif
-
 signing_key.priv signing_key.x509: x509.genkey
        @echo "###"
        @echo "### Now generating an X.509 key pair to be used for signing 
modules."
@@ -177,8 +157,8 @@ signing_key.priv signing_key.x509: x509.genkey
        @echo "### needs to be run as root, and uses a hardware random"
        @echo "### number generator if one is available."
        @echo "###"
-       openssl req -new -nodes -utf8 $(sign_key_with_hash) -days 36500 -batch \
-               -x509 -config x509.genkey \
+       openssl req -new -nodes -utf8 -$(CONFIG_MODULE_SIG_HASH) -days 36500 \
+               -batch -x509 -config x509.genkey \
                -outform DER -out signing_key.x509 \
                -keyout signing_key.priv
        @echo "###"
-- 
1.7.10.4

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[PATCH 1/4] MODSIGN: Simplify Makefile with a Kconfig helper

Reply via email to