Re: RFC: sign the modules at install time

From: Josh Boyer
Date: Wed Oct 17 2012 - 19:20:42 EST

Next message: Linus Torvalds: "Re: RFC: sign the modules at install time"
Previous message: Stephen Warren: "[PATCH V4 2/2] kbuild: run the pre-processor on *.dts files"
In reply to: Linus Torvalds: "Re: RFC: sign the modules at install time"
Next in thread: Linus Torvalds: "Re: RFC: sign the modules at install time"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Oct 17, 2012 at 7:07 PM, Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
> On Wed, Oct 17, 2012 at 3:26 PM, Josh Boyer <jwboyer@xxxxxxxxx> wrote:
>>
>> The downside is that it won't work for distros. Or at least the distros
>> using RPM's debuginfo subpackage mechanism.
>
> Hmm. It *should* work for them too, because the debuginfo modules stay
> around in the object tree, and never get stripped there. None of this

Debuginfo is run on the installed tree ($RPM_BUILD_ROOT), not the
object tree. It's how RPM works. It kind of has to because it should
only create debuginfo files for files that are actually installed by
the RPM.

I know it's no different from how it _used_ to work with stripped
modules, but that's a problem that was solved a while ago. The existing
build system works for both users and distros in that regard, and that
is my goal for modsigning too.

> Anyway, I seriously think that the kernel build should worry about
> *users*, not about the distro building their binaries. And I do think
> the current mess is unacceptable (following the insane
> "stripped->extra stripping->signed->potentially stripped *again* at
> install time" code was just insane). I may not have reacted as much as
> David to the actual build having slowed down, but having looked at the
> makefiles, there really is no excuse for that mess.

I'm not saying your patch is wrong. I'm not even saying it isn't
better. I'm simply saying it doesn't work as-is for distros.

What I'd like to do is come up with a solution that works for both
cases. E.g. if we take your patch and apply it, but also create a
config option and a 'make modules_sign' target to sign them in the
installed tree and not at 'modules_install' time. Or something along
those lines.

Distros want to do this too, and have been doing this for a while. It
might be required for Secure Boot in some distro's eyes, but that is
really a side effect. Distros _are_ users. Or if you're not as starry
eyed as I am, they're at least a gateway for a large number of users.
I want those people to get the benefits of signed modules and I'd really
like to do it without the distros having to carry patches or do further
monkeying around after the buildsystem is done. That's all.

josh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Linus Torvalds: "Re: RFC: sign the modules at install time"
Previous message: Stephen Warren: "[PATCH V4 2/2] kbuild: run the pre-processor on *.dts files"
In reply to: Linus Torvalds: "Re: RFC: sign the modules at install time"
Next in thread: Linus Torvalds: "Re: RFC: sign the modules at install time"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]