Re: [PATCH] MODSIGN: do not send garbage to stderr when enablingmodules signature

From: David Cohen
Date: Tue Apr 09 2013 - 17:27:41 EST

On 04/08/2013 08:27 PM, Rusty Russell wrote:
David Cohen <david.a.cohen@xxxxxxxxx> writes:
openssl may send garbage to stderr when generating X.509 key pair for
modules signature regardless there was an error or not. It makes more
difficult to create scripts based on kernel error/warning messages.
This patch makes sure openssl logs go to default stdout.

Signed-off-by: David Cohen <david.a.cohen@xxxxxxxxx>
Can you please give an example of the "garbage" in your commit message,
or is it binary?

I can write to commit message, it's not binary. I'll send a new patch.

The problem is openssl writes its logs to stderr.
Here's the example I'm going to write to commit message. I captured only stderr in this case:

crypto/anubis.c:581: warning: ‘inter’ is used uninitialized in this function
Generating a 4096 bit RSA private key
.........
drivers/gpu/drm/i915/i915_gem_gtt.c: In function ‘gen6_ggtt_insert_entries’:
drivers/gpu/drm/i915/i915_gem_gtt.c:440: warning: ‘addr’ may be used uninitialized in this function
.net/mac80211/tx.c: In function ‘ieee80211_subif_start_xmit’:
net/mac80211/tx.c:1780: warning: ‘chanctx_conf’ may be used uninitialized in this function
..drivers/isdn/hardware/mISDN/hfcpci.c: In function ‘hfcpci_softirq’:
.....drivers/isdn/hardware/mISDN/hfcpci.c:2298: warning: ignoring return value of ‘driver_for_each_device’, declared with attribute warn_unused_result
net/unix/af_unix.c: In function ‘unix_bind’:
net/unix/af_unix.c:892: warning: ‘path.dentry’ may be used uninitialized in this function
net/unix/af_unix.c:892: warning: ‘path.mnt’ may be used uninitialized in this function
...++
In file included from drivers/message/i2o/config-osm.c:39:
drivers/message/i2o/i2o_config.c: In function ‘i2o_cfg_passthru’:
drivers/message/i2o/i2o_config.c:888: warning: cast to pointer from integer of different size
drivers/message/i2o/i2o_config.c:943: warning: cast to pointer from integer of different size
drivers/net/ethernet/amd/nmclan_cs.c: In function ‘nmclan_config’:
drivers/net/ethernet/amd/nmclan_cs.c:625: warning: ‘pcmcia_request_exclusive_irq’ is deprecated (declared at include/pcmcia/ds.h:201)
drivers/net/ethernet/mellanox/mlx4/mcg.c: In function ‘find_entry’:
.........................................................................................................................................................................................++
writing new private key to 'signing_key.priv'
-----
drivers/net/ethernet/mellanox/mlx4/mcg.c:601: warning: ‘hash’ may be used uninitialized in this function


The problem happens when we use high N value on make -jN. All warnings get mixed with dots and other outputs from openssl when printed during key pair generation.

Br, David



Thanks,
Rusty,.

---
kernel/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/Makefile b/kernel/Makefile
index bbde5f1..5a51e6c 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -175,7 +175,7 @@ signing_key.priv signing_key.x509: x509.genkey
openssl req -new -nodes -utf8 -$(CONFIG_MODULE_SIG_HASH) -days 36500 \
-batch -x509 -config x509.genkey \
-outform DER -out signing_key.x509 \
- -keyout signing_key.priv
+ -keyout signing_key.priv 2>&1
@echo "###"
@echo "### Key pair generated."
@echo "###"
--
1.7.10.4

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/