MODSIGN: Simplify Makefile with a Kconfig helper

Signed-off-by: Michal Marek <mmarek@suse.cz>
Acked-by: David Howells <dhowells@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This commit is contained in:
Michal Marek 2013-01-25 13:41:00 +10:30 committed by Rusty Russell
parent a3535c7e4f
commit 227536740e
2 changed files with 12 additions and 19 deletions

View File

@ -1697,6 +1697,15 @@ config MODULE_SIG_SHA512
endchoice
config MODULE_SIG_HASH
string
depends on MODULE_SIG
default "sha1" if MODULE_SIG_SHA1
default "sha224" if MODULE_SIG_SHA224
default "sha256" if MODULE_SIG_SHA256
default "sha384" if MODULE_SIG_SHA384
default "sha512" if MODULE_SIG_SHA512
endif # MODULES
config INIT_ALL_POSSIBLE

View File

@ -153,23 +153,7 @@ kernel/modsign_certificate.o: signing_key.x509 extra_certificates
# fail and that the kernel may be used afterwards.
#
###############################################################################
sign_key_with_hash :=
ifeq ($(CONFIG_MODULE_SIG_SHA1),y)
sign_key_with_hash := -sha1
endif
ifeq ($(CONFIG_MODULE_SIG_SHA224),y)
sign_key_with_hash := -sha224
endif
ifeq ($(CONFIG_MODULE_SIG_SHA256),y)
sign_key_with_hash := -sha256
endif
ifeq ($(CONFIG_MODULE_SIG_SHA384),y)
sign_key_with_hash := -sha384
endif
ifeq ($(CONFIG_MODULE_SIG_SHA512),y)
sign_key_with_hash := -sha512
endif
ifeq ($(sign_key_with_hash),)
ifndef CONFIG_MODULE_SIG_HASH
$(error Could not determine digest type to use from kernel config)
endif
@ -182,8 +166,8 @@ signing_key.priv signing_key.x509: x509.genkey
@echo "### needs to be run as root, and uses a hardware random"
@echo "### number generator if one is available."
@echo "###"
openssl req -new -nodes -utf8 $(sign_key_with_hash) -days 36500 -batch \
-x509 -config x509.genkey \
openssl req -new -nodes -utf8 -$(CONFIG_MODULE_SIG_HASH) -days 36500 \
-batch -x509 -config x509.genkey \
-outform DER -out signing_key.x509 \
-keyout signing_key.priv
@echo "###"