rpms / kernel

Clone
Source Code
GIT

Blame SOURCES/mod-sign.sh

c4 c5 c5-plus c6 c6-plus c7 c7-alt-modified c7-beta c7-i686 c7-sig-altarch-kernel c7-sig-altarch-kernelexp c7-sig-altarch-lts-5-10 c7-sig-altarch-lts-5-15 c7-sig-altarch-lts-5-4 c7-sig-altarch-lts-6-1 c7-sig-centosplus-kernel c8 c8-beta c8-init-modify c8-sig-altarch-lts-5-10 c8-sig-altarch-lts-5-15 c8-sig-altarch-lts-5-4 c8-sig-centosplus-kernel c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-altarch-lts-5-15 c9s-sig-hyperscale
  1.   c7-sig-altarch-kernelexp
  2.   SOURCES
  3.   mod-sign.sh
Blob History Raw
e336be 
#! /bin/bash
e336be
e336be 
# The modules_sign target checks for corresponding .o files for every .ko that
e336be 
# is signed. This doesn't work for package builds which re-use the same build
e336be 
# directory for every flavour, and the .config may change between flavours.
e336be 
# So instead of using this script to just sign lib/modules/$KernelVer/extra,
e336be 
# sign all .ko in the buildroot.
e336be
e336be 
# This essentially duplicates the 'modules_sign' Kbuild target and runs the
e336be 
# same commands for those modules.
e336be
e336be 
MODSECKEY=$1
e336be 
MODPUBKEY=$2
e336be
e336be 
moddir=$3
e336be
e336be 
modules=`find $moddir -name *.ko`
e336be
e336be 
for mod in $modules
e336be 
do
e336be 
    dir=`dirname $mod`
e336be 
    file=`basename $mod`
e336be
e336be 
    ./scripts/sign-file sha256 ${MODSECKEY} ${MODPUBKEY} ${dir}/${file}
e336be 
    rm -f ${dir}/${file}.{sig,dig}
e336be 
done
e336be
e336be 
RANDOMMOD=$(find $moddir -type f -name '*.ko' | sort -R | head -n 1)
e336be 
if [ "~Module signature appended~" != "$(tail -c 28 $RANDOMMOD)" ]; then
e336be 
    echo "*****************************"
e336be 
    echo "*** Modules are unsigned! ***"
e336be 
    echo "*****************************"
e336be 
    exit 1
e336be 
fi
e336be
e336be 
exit 0

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation