Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #7a]

From: David Woodhouse
Date: Wed Aug 12 2015 - 06:23:38 EST

Next message: Lee Jones: "Re: [PATCH v2 5/6] mailbox: Add generic mechanism for testing Mailbox Controllers"
Previous message: Joonyoung Shim: "[PATCH v2] rtc: s3c: fix disabled clocks for alarm"
In reply to: James Morris: "Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #7a]"
Next in thread: James Morris: "Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #7a]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2015-08-12 at 20:08 +1000, James Morris wrote:
> make-3.81-20.el6.x86_64
>
> The machine is not accessible, sorry.

No matter. I have a CentOS 6 VM in which I can attempt to reproduce.

> Where is MODULE_SIG_KEY_FILENAME assigned?

At about line 243:

$(eval $(call config_filename,MODULE_SIG_KEY))

Or, more to the point, somewhere in here... you may now understand why
I made a new jug of coffee. I had torture-tested this with fairly much
every pathology I could think of. And you've managed to break it with
the *default* case. Congratulations. You just made me cry.

###############################################################################
#
# When a Kconfig string contains a filename, it is suitable for
# passing to shell commands. It is surrounded by double-quotes, and
# any double-quotes or backslashes within it are escaped by
# backslashes.
#
# This is no use for dependencies or $(wildcard). We need to strip the
# surrounding quotes and the escaping from quotes and backslashes, and
# we *do* need to escape any spaces in the string. So, for example:
#
# Usage: $(eval $(call config_filename,FOO))
#
# Defines FOO_FILENAME based on the contents of the CONFIG_FOO option,
# transformed as described above to be suitable for use within the
# makefile.
#
# Also, if the filename is a relative filename and exists in the source
# tree but not the build tree, define FOO_SRCPREFIX as $(srctree)/ to
# be prefixed to *both* command invocation and dependencies.
#
# Note: We also print the filenames in the quiet_cmd_foo text, and
# perhaps ought to have a version specially escaped for that purpose.
# But it's only cosmetic, and $(patsubst "%",%,$(CONFIG_FOO)) is good
# enough. It'll strip the quotes in the common case where there's no
# space and it's a simple filename, and it'll retain the quotes when
# there's a space. There are some esoteric cases in which it'll print
# the wrong thing, but we don't really care. The actual dependencies
# and commands *do* get it right, with various combinations of single
# and double quotes, backslashes and spaces in the filenames.
#
###############################################################################
#
quote := $(firstword " ")
space :=
space +=
space_escape := %%%SPACE%%%
#
define config_filename =
ifneq ($$(CONFIG_$(1)),"")
$(1)_FILENAME := $$(subst \\,\,$$(subst \$$(quote),$$(quote),$$(subst $$(space_escape),\$$(space),$$(patsubst "%",%,$$(subst $$(space),$$(space_escape),$$(CONFIG_$(1)))))))
ifneq ($$(patsubst /%,%,$$(firstword $$($(1)_FILENAME))),$$(firstword $$($(1)_FILENAME)))
else
ifeq ($$(wildcard $$($(1)_FILENAME)),)
ifneq ($$(wildcard $$(srctree)/$$($(1)_FILENAME)),)
$(1)_SRCPREFIX := $(srctree)/
endif
endif
endif
endif
endef

--
dwmw2

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Next message: Lee Jones: "Re: [PATCH v2 5/6] mailbox: Add generic mechanism for testing Mailbox Controllers"
Previous message: Joonyoung Shim: "[PATCH v2] rtc: s3c: fix disabled clocks for alarm"
In reply to: James Morris: "Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #7a]"
Next in thread: James Morris: "Re: [GIT PULL] MODSIGN: Use PKCS#7 for module signatures [ver #7a]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]