David Howells writes:
> Rusty Russell wrote:
>
>> > (Side note: I hope people realize that the random key is generated
>> > with a 100-year lifespan. So if you build a kernel today, you do
>> > potentially have a "year-2112 problem". I'm not horribly worried, but
>> > I *am* a bit worried about 3
Linus Torvalds writes:
> On Fri, Oct 19, 2012 at 12:58 PM, Linus Torvalds
> wrote:
>>
>> Tssk. I fixed it up, and now it works-for-me(tm), but some perl person
>> probably really should try to make that sign-file and x509keyid merge.
>> My fix made the thing even slower, doing two extra "wc -c" i
On Sat, Oct 20, 2012 at 9:41 AM, Romain Francoise wrote:
>
> Yes, however the key generation itself is horribly verbose and doesn't mix
> very well with the output of a parallel build. Now that the modules are
> signed at install time, presumably the key should be generated then as
> well, and the
Linus Torvalds writes:
> I like how the default makefiles do that "create and use random key"
> thing by default. THAT is what I want to see.
Yes, however the key generation itself is horribly verbose and doesn't mix
very well with the output of a parallel build. Now that the modules are
signed
Stephen Rothwell writes:
> Hi Rusty,
>
> On Fri, 19 Oct 2012 11:53:15 +1030 Rusty Russell
> wrote:
>>
>> Linus Torvalds writes:
>> > On Wed, Oct 17, 2012 at 10:34 PM, Rusty Russell
>> > wrote:
>> >>
>> >> Hacking the keyid and signer-name to be extracted every time by
>> >> sign-file takes my
On Fri, Oct 19, 2012 at 12:58 PM, Linus Torvalds
wrote:
>
> Tssk. I fixed it up, and now it works-for-me(tm), but some perl person
> probably really should try to make that sign-file and x509keyid merge.
> My fix made the thing even slower, doing two extra "wc -c" invocations
> since it can't do "
On Thu, Oct 18, 2012 at 6:23 PM, Rusty Russell wrote:
>
> Smerged them together: no point moving the x509keyid script now.
> I dropped the optional dst arg, since we don't use it.
>
> Thanks,
> Rusty.
> ===
> From: Rusty Russell
> Subject: [PATCH] kbuild: sign the modules at install time
>
> Linu
On Thu, Oct 18, 2012 at 9:16 PM, Rusty Russell wrote:
> Josh Boyer writes:
>> On Thu, Oct 18, 2012 at 2:46 PM, Linus Torvalds
>> wrote:
>>> On Wed, Oct 17, 2012 at 10:34 PM, Rusty Russell
>>> wrote:
Hacking the keyid and signer-name to be extracted every time by
sign-file takes
On Thu, Oct 18, 2012 at 8:48 PM, Rusty Russell wrote:
> Josh Boyer writes:
>> It might even be able to be moved entirely into scripts/Makefile.modinst
>> but I haven't gotten that far yet.
>
> Thanks, I'll add this.
Excellent.
> Note it was word-wrapped here though :(
Sigh. Sorry, Rusty. I t
Am 19.10.2012 13:25, schrieb David Howells:
Stephen Rothwell wrote:
So, this still generates the keys during the normal build, right? That
would be a problem for build servers that have limited randomness
available to them, I think.
openssl uses /dev/urandom (unlike gpg), so that's less of
Hi David,
On Fri, 19 Oct 2012 12:25:23 +0100 David Howells wrote:
>
> Stephen Rothwell wrote:
>
> > So, this still generates the keys during the normal build, right? That
> > would be a problem for build servers that have limited randomness
> > available to them, I think.
>
> openssl uses /de
Stephen Rothwell wrote:
> So, this still generates the keys during the normal build, right? That
> would be a problem for build servers that have limited randomness
> available to them, I think.
openssl uses /dev/urandom (unlike gpg), so that's less of a problem.
David
--
To unsubscribe from t
Rusty Russell wrote:
> > (Side note: I hope people realize that the random key is generated
> > with a 100-year lifespan. So if you build a kernel today, you do
> > potentially have a "year-2112 problem". I'm not horribly worried, but
> > I *am* a bit worried about 32-bit time_t overflow and I ho
Hi Rusty,
On Fri, 19 Oct 2012 11:53:15 +1030 Rusty Russell wrote:
>
> Linus Torvalds writes:
> > On Wed, Oct 17, 2012 at 10:34 PM, Rusty Russell
> > wrote:
> >>
> >> Hacking the keyid and signer-name to be extracted every time by
> >> sign-file takes my modules_install time from 18.6 seconds t
Linus Torvalds writes:
> On Wed, Oct 17, 2012 at 10:34 PM, Rusty Russell wrote:
>>
>> Hacking the keyid and signer-name to be extracted every time by
>> sign-file takes my modules_install time from 18.6 seconds to 19.1. We'd
>> get that back easily by making sign-file a perl script anyway; it ca
Josh Boyer writes:
> On Thu, Oct 18, 2012 at 2:46 PM, Linus Torvalds
> wrote:
>> On Wed, Oct 17, 2012 at 10:34 PM, Rusty Russell
>> wrote:
>>>
>>> Hacking the keyid and signer-name to be extracted every time by
>>> sign-file takes my modules_install time from 18.6 seconds to 19.1. We'd
>>> get
Josh Boyer writes:
> It might even be able to be moved entirely into scripts/Makefile.modinst
> but I haven't gotten that far yet.
Thanks, I'll add this.
Note it was word-wrapped here though :(
Cheers,
Rusty.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body
Linus Torvalds writes:
> So signing is the nice flexible option, and technically the right
> thing to do.
Meh It's 52k of extra text to get that 'nice flexible'; 1% of my
kernel image. That's a lot of bug free code.
> (Side note: I hope people realize that the random key is generated
> with
The micturator of the Holy Penguin Pee spake:
> (Side note: I hope people realize that the random key is generated
> with a 100-year lifespan. So if you build a kernel today, you do
> potentially have a "year-2112 problem". I'm not horribly worried, but
> I *am* a bit worried about 32-bit time_t ov
On Thu, Oct 18, 2012 at 2:46 PM, Linus Torvalds
wrote:
> On Wed, Oct 17, 2012 at 10:34 PM, Rusty Russell wrote:
>>
>> Hacking the keyid and signer-name to be extracted every time by
>> sign-file takes my modules_install time from 18.6 seconds to 19.1. We'd
>> get that back easily by making sign-
On Wed, Oct 17, 2012 at 10:34 PM, Rusty Russell wrote:
>
> Hacking the keyid and signer-name to be extracted every time by
> sign-file takes my modules_install time from 18.6 seconds to 19.1. We'd
> get that back easily by making sign-file a perl script anyway; it calls
> out to perl 3 times alre
On Thu, Oct 18, 2012 at 03:04:26PM +1030, Rusty Russell wrote:
> Linus Torvalds writes:
> > On Wed, Oct 17, 2012 at 5:54 PM, Greg KH wrote:
> >>>
> >>> One of the main sane use-cases for module signing is:
> >>>
> >>> - CONFIG_CHECK_SIGNATURE=y
> >>> - randomly generated one-time key
> >>> - "
On Thu, Oct 18, 2012 at 5:11 AM, Josh Boyer wrote:
>
> It also excludes out-of-tree drivers. I wouldn't personally shed a tear
> for them, but it eliminates a use-case that people could have if we just
> stuck to the signed module approach.
>
> I'd prefer if we just cleaned up what we already hav
On Thu, Oct 18, 2012 at 03:01:08PM +1030, Rusty Russell wrote:
> Linus Torvalds writes:
> > On Wed, Oct 17, 2012 at 3:19 PM, David Howells wrote:
> >>
> >> It's probably even better to just get rid of all the automatic module
> >> signing
> >> stuff completely and leave the sign-file script for
Linus Torvalds writes:
> On Wed, Oct 17, 2012 at 6:17 PM, Rusty Russell wrote:
>>
>> You cut too much: you need genkeyid.
>
> Yeah, I sent out a fixed version later, but I much prefer your version
> that generates those files earlier, not a "make modules_install".
Still committing a minor crime
Linus Torvalds writes:
> On Wed, Oct 17, 2012 at 3:19 PM, David Howells wrote:
>>
>> It's probably even better to just get rid of all the automatic module signing
>> stuff completely and leave the sign-file script for the builder to use
>> manually. The module verification code will still be pre
Linus Torvalds writes:
>Ta-daa, you have your debuginfo modules installed, and they are
> signed. Create the debuginfo rpm.
>
> - now, strip the modules. This obviously destroys the signatures
Note this doesn't remove them. You'll need something like:
dd if=$k of=$k.nosig bs=$(grep -cba $
Linus Torvalds writes:
> On Wed, Oct 17, 2012 at 5:54 PM, Greg KH wrote:
>>>
>>> One of the main sane use-cases for module signing is:
>>>
>>> - CONFIG_CHECK_SIGNATURE=y
>>> - randomly generated one-time key
>>> - "make modules_install; make install"
>>> - "make clean" to get rid of the keys.
On Wed, Oct 17, 2012 at 6:17 PM, Rusty Russell wrote:
>
> You cut too much: you need genkeyid.
Yeah, I sent out a fixed version later, but I much prefer your version
that generates those files earlier, not a "make modules_install".
[ Btw, your email "Date:" field is from 2+ hours ago, but it hit
On Wed, Oct 17, 2012 at 8:14 PM, Linus Torvalds
wrote:
>
> Oh, yes, we should make sure the key file gets cleaned up at "make clean".
Ooh, double-checked.
Actually, we have documented "make clean" to leave around "enough
build support to build external modules".
So technically, I guess what we
Linus Torvalds writes:
> This was based on the complaint from Davem that the "make
> allmodconfig" build got way slower because module signing takes a
> while.
>
> And quite frankly, the whole "extra strip and sign" thing at modpost
> time was just nasty ugly code.
>
> Why don't we do something *m
On Wed, Oct 17, 2012 at 5:54 PM, Greg KH wrote:
>>
>> One of the main sane use-cases for module signing is:
>>
>> - CONFIG_CHECK_SIGNATURE=y
>> - randomly generated one-time key
>> - "make modules_install; make install"
>> - "make clean" to get rid of the keys.
>> - reboot.
>
> I want that to
On Wed, Oct 17, 2012 at 03:44:28PM -0700, Linus Torvalds wrote:
> On Wed, Oct 17, 2012 at 3:19 PM, David Howells wrote:
> >
> > It's probably even better to just get rid of all the automatic module
> > signing
> > stuff completely and leave the sign-file script for the builder to use
> > manually
On Wed, Oct 17, 2012 at 7:21 PM, Linus Torvalds
wrote:
> On Wed, Oct 17, 2012 at 4:07 PM, Linus Torvalds
> wrote:
>>
>> Hmm. It *should* work for them too, because the debuginfo modules stay
>> around in the object tree, and never get stripped there. None of this
>> is different from what we used
On Wed, Oct 17, 2012 at 4:44 PM, Linus Torvalds
wrote:
>
> I'll send out a fixed patch asap,
Ok, this is not pretty, and I think it generates the .signer and
.keyid files at the wrong time.
I do the kernel build as a regular user, and just "make install" as
root, and now it generates those turds
On Wed, Oct 17, 2012 at 4:25 PM, Linus Torvalds
wrote:
>
> It really should work fine with the much simplified module-signing
> rules too.
Actually, my "much simplified modules-install" is a bit broken.
It worked for me last time (I'm running that kernel and modules now),
but I just triggered a
On Wed, Oct 17, 2012 at 4:20 PM, Josh Boyer wrote:
>
> Debuginfo is run on the installed tree ($RPM_BUILD_ROOT), not the
> object tree. It's how RPM works. It kind of has to because it should
> only create debuginfo files for files that are actually installed by
> the RPM.
Yeah, I just read you
On Wed, Oct 17, 2012 at 4:07 PM, Linus Torvalds
wrote:
>
> Hmm. It *should* work for them too, because the debuginfo modules stay
> around in the object tree, and never get stripped there. None of this
> is different from what we used to do before: we stripped the modules
> as we copied them to /l
On Wed, Oct 17, 2012 at 7:07 PM, Linus Torvalds
wrote:
> On Wed, Oct 17, 2012 at 3:26 PM, Josh Boyer wrote:
>>
>> The downside is that it won't work for distros. Or at least the distros
>> using RPM's debuginfo subpackage mechanism.
>
> Hmm. It *should* work for them too, because the debuginfo m
On Wed, Oct 17, 2012 at 3:26 PM, Josh Boyer wrote:
>
> The downside is that it won't work for distros. Or at least the distros
> using RPM's debuginfo subpackage mechanism.
Hmm. It *should* work for them too, because the debuginfo modules stay
around in the object tree, and never get stripped th
On Wed, Oct 17, 2012 at 3:19 PM, David Howells wrote:
>
> It's probably even better to just get rid of all the automatic module signing
> stuff completely and leave the sign-file script for the builder to use
> manually. The module verification code will still be present.
That's just disgusting
On Wed, Oct 17, 2012 at 4:36 PM, Linus Torvalds
wrote:
> This was based on the complaint from Davem that the "make
> allmodconfig" build got way slower because module signing takes a
> while.
>
> And quite frankly, the whole "extra strip and sign" thing at modpost
> time was just nasty ugly code.
Linus Torvalds wrote:
> This was based on the complaint from Davem that the "make
> allmodconfig" build got way slower because module signing takes a
> while.
>
> And quite frankly, the whole "extra strip and sign" thing at modpost
> time was just nasty ugly code.
>
> Why don't we do something
This was based on the complaint from Davem that the "make
allmodconfig" build got way slower because module signing takes a
while.
And quite frankly, the whole "extra strip and sign" thing at modpost
time was just nasty ugly code.
Why don't we do something *much* simpler? We already have a
condit
44 matches
Mail list logo
