If MODPUBKEY is specified and other than default ./signing_key.x509, use
that key instead of generating one on-the-fly.
Signed-off-by: Eric Miao <eric.m...@nvidia.com>
Cc: David Howells <dhowe...@redhat.com>
Cc: Dan Willemsen <dwillem...@nvidia.com>
---
kernel/Makefile | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/kernel/Makefile b/kernel/Makefile
index 1ce4755..66c7c32 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -165,6 +165,13 @@ ifndef CONFIG_MODULE_SIG_HASH
$(error Could not determine digest type to use from kernel config)
endif
+ifneq ($(MODPUBKEY),./signing_key.x509)
+signing_key.x509: $(MODPUBKEY)
+ @echo "###"
+ @echo "### Use pre-generated X.509 key pair for signing modules."
+ @echo "###"
+ cp -f $< $@
+else
signing_key.priv signing_key.x509: x509.genkey
@echo "###"
@echo "### Now generating an X.509 key pair to be used for signing
modules."
@@ -202,3 +209,4 @@ x509.genkey:
@echo >>x509.genkey "subjectKeyIdentifier=hash"
@echo >>x509.genkey "authorityKeyIdentifier=keyid"
endif
+endif
--
1.8.4.1
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
