Re: [PATCH 1/2] kbuild: cleanup signing keys with mrproper

From: Stephen Hemminger
Date: Thu May 11 2017 - 13:26:13 EST

Next message: Anna Schumaker: "Re: [RFC][PATCH 00/14] VFS: Introduce superblock configuration context [ver #2]"
Previous message: Mike Galbraith: "Re: [drm:qxl] BUG: sleeping function called from invalid context - qxl_bo_kmap_atomic_page()...splat"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 3 May 2017 13:37:08 +0900
Masahiro Yamada <yamada.masahiro@xxxxxxxxxxxxx> wrote:

> +CC David Woodhouse
> +CC David Howells
>
>
> 2017-04-15 6:54 GMT+09:00 Stephen Hemminger <stephen@xxxxxxxxxxxxxxxxxx>:
> > When 'make mrproper' is run it was supposed to remove the signing
> > keys in the certs directory, but only the filename is given
> > rather than the pathanme which is necessary to cause cleanup.
> >
> > Signed-off-by: Stephen Hemminger <sthemmin@xxxxxxxxxxxxx>
> > ---
> > Makefile | 6 +++---
> > 1 file changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/Makefile b/Makefile
> > index efa267a92ba6..04ca211552f7 100644
> > --- a/Makefile
> > +++ b/Makefile
> > @@ -1274,9 +1274,9 @@ MRPROPER_DIRS += include/config usr/include include/generated \
> > arch/*/include/generated .tmp_objdiff
> > MRPROPER_FILES += .config .config.old .version .old_version \
> > Module.symvers tags TAGS cscope* GPATH GTAGS GRTAGS GSYMS \
> > - signing_key.pem signing_key.priv signing_key.x509 \
> > - x509.genkey extra_certificates signing_key.x509.keyid \
> > - signing_key.x509.signer vmlinux-gdb.py
> > + certs/signing_key.pem certs/signing_key.priv certs/signing_key.x509 \
> > + certs/x509.genkey certs/extra_certificates certs/signing_key.x509.keyid \
> > + certs/signing_key.x509.signer vmlinux-gdb.py
> >
>
> The logic seems quite simple,
> but I am not quite sure which file is still valid?
>
>
> [1] signing_key.pem - OK, this should be certs/signing_key.pem
> and removed by 'make mrproper'
>
> [2] signing_key.priv - deprecated by commit fb1179499134 ?
>
> [3] signing_key.x509 - OK, this should be certs/signing_key.x509
> and removed by 'make mrproper'
>
> [4] x509.genkey - this is an intermediate file for generating signing_key.pem,
> but unneeded for installing external modules.
> Does it make more sense to delete this by 'make clean'?
>
> [5] extra_certificates - I am not sure where this is generated, and used
>
> [6] siging_key.x509.keyid - same as [5]
>
> [7] signing_key.x509.signer - same as [5]

Retested with current Linus tree:

After build, these files are present:
signing_key.x509

This file is never cleaned up by clean or proper.

The changes that I think are necessary:
certs/extra_certificates is no longer used, remove it from Makefile

certs/signing_key.x509 should be removed by mrproper

Next message: Anna Schumaker: "Re: [RFC][PATCH 00/14] VFS: Introduce superblock configuration context [ver #2]"
Previous message: Mike Galbraith: "Re: [drm:qxl] BUG: sleeping function called from invalid context - qxl_bo_kmap_atomic_page()...splat"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]