Tree - rpms/kernel - CentOS Git server

rpms / kernel

Blame SOURCES/mod-sign.sh

Blob History Raw

Pablo Greco	ceb317	`#! /bin/bash`
Pablo Greco	ceb317
Pablo Greco	ceb317	`# The modules_sign target checks for corresponding .o files for every .ko that`
Pablo Greco	ceb317	`# is signed. This doesn't work for package builds which re-use the same build`
Pablo Greco	ceb317	`# directory for every flavour, and the .config may change between flavours.`
Pablo Greco	ceb317	`# So instead of using this script to just sign lib/modules/$KernelVer/extra,`
Pablo Greco	ceb317	`# sign all .ko in the buildroot.`
Pablo Greco	ceb317
Pablo Greco	ceb317	`# This essentially duplicates the 'modules_sign' Kbuild target and runs the`
Pablo Greco	ceb317	`# same commands for those modules.`
Pablo Greco	ceb317
Pablo Greco	ceb317	`MODSECKEY=$1`
Pablo Greco	ceb317	`MODPUBKEY=$2`
Pablo Greco	ceb317	`moddir=$3`
Pablo Greco	ceb317
Pablo Greco	ceb317	modules=`find $moddir -type f -name '*.ko'`
Pablo Greco	ceb317
Pablo Greco	ceb317	NPROC=`nproc`
Pablo Greco	ceb317	`[ -z "$NPROC" ] && NPROC=1`
Pablo Greco	ceb317
Pablo Greco	ceb317	`# NB: this loop runs 2000+ iterations. Try to be fast.`
Pablo Greco	ceb317	`echo "$modules" \| xargs -r -n16 -P $NPROC sh -c "`
Pablo Greco	ceb317	`for mod; do`
Pablo Greco	ceb317	`./scripts/sign-file sha256 $MODSECKEY $MODPUBKEY \$mod`
Pablo Greco	ceb317	`rm -f \$mod.sig \$mod.dig`
Pablo Greco	ceb317	`done`
Pablo Greco	ceb317	`" DUMMYARG0 # xargs appends ARG1 ARG2..., which go into $mod in for loop.`
Pablo Greco	ceb317
Pablo Greco	ceb317	`RANDOMMOD=$(echo "$modules" \| sort -R \| head -n 1)`
Pablo Greco	ceb317	`if [ "~Module signature appended~" != "$(tail -c 28 $RANDOMMOD)" ]; then`
Pablo Greco	ceb317	`echo "*****************************"`
Pablo Greco	ceb317	`echo "* Modules are unsigned! *"`
Pablo Greco	ceb317	`echo "*****************************"`
Pablo Greco	ceb317	`exit 1`
Pablo Greco	ceb317	`fi`
Pablo Greco	ceb317
Pablo Greco	ceb317	`exit 0`

rpms / kernel

Source Code

Blame SOURCES/mod-sign.sh