Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux
Pull module signing support from Rusty Russell: "module signing is the highlight, but it's an all-over David Howells frenzy..." Hmm "Magrathea: Glacier signing key". Somebody has been reading too much HHGTTG. * 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux: (37 commits) X.509: Fix indefinite length element skip error handling X.509: Convert some printk calls to pr_devel asymmetric keys: fix printk format warning MODSIGN: Fix 32-bit overflow in X.509 certificate validity date checking MODSIGN: Make mrproper should remove generated files. MODSIGN: Use utf8 strings in signer's name in autogenerated X.509 certs MODSIGN: Use the same digest for the autogen key sig as for the module sig MODSIGN: Sign modules during the build process MODSIGN: Provide a script for generating a key ID from an X.509 cert MODSIGN: Implement module signature checking MODSIGN: Provide module signing public keys to the kernel MODSIGN: Automatically generate module signing keys if missing MODSIGN: Provide Kconfig options MODSIGN: Provide gitignore and make clean rules for extra files MODSIGN: Add FIPS policy module: signature checking hook X.509: Add a crypto key parser for binary (DER) X.509 certificates MPILIB: Provide a function to read raw data into an MPI X.509: Add an ASN.1 decoder X.509: Add simple ASN.1 grammar compiler ...
This commit is contained in:
Linus Torvalds
@@ -14,7 +14,8 @@
|
||||
# 3) create one <module>.mod.c file pr. module
|
||||
# 4) create one Module.symvers file with CRC for all exported symbols
|
||||
# 5) compile all <module>.mod.c files
|
||||
# 6) final link of the module to a <module.ko> file
|
||||
# 6) final link of the module to a <module.ko> (or <module.unsigned>) file
|
||||
# 7) signs the modules to a <module.ko> file
|
||||
|
||||
# Step 3 is used to place certain information in the module's ELF
|
||||
# section, including information such as:
|
||||
@@ -32,6 +33,8 @@
|
||||
# Step 4 is solely used to allow module versioning in external modules,
|
||||
# where the CRC of each module is retrieved from the Module.symvers file.
|
||||
|
||||
# Step 7 is dependent on CONFIG_MODULE_SIG being enabled.
|
||||
|
||||
# KBUILD_MODPOST_WARN can be set to avoid error out in case of undefined
|
||||
# symbols in the final module linking stage
|
||||
# KBUILD_MODPOST_NOFINAL can be set to skip the final link of modules.
|
||||
@@ -116,6 +119,7 @@ $(modules:.ko=.mod.o): %.mod.o: %.mod.c FORCE
|
||||
targets += $(modules:.ko=.mod.o)
|
||||
|
||||
# Step 6), final link of the modules
|
||||
ifneq ($(CONFIG_MODULE_SIG),y)
|
||||
quiet_cmd_ld_ko_o = LD [M] $@
|
||||
cmd_ld_ko_o = $(LD) -r $(LDFLAGS) \
|
||||
$(KBUILD_LDFLAGS_MODULE) $(LDFLAGS_MODULE) \
|
||||
@@ -125,7 +129,78 @@ $(modules): %.ko :%.o %.mod.o FORCE
|
||||
$(call if_changed,ld_ko_o)
|
||||
|
||||
targets += $(modules)
|
||||
else
|
||||
quiet_cmd_ld_ko_unsigned_o = LD [M] $@
|
||||
cmd_ld_ko_unsigned_o = \
|
||||
$(LD) -r $(LDFLAGS) \
|
||||
$(KBUILD_LDFLAGS_MODULE) $(LDFLAGS_MODULE) \
|
||||
-o $@ $(filter-out FORCE,$^) \
|
||||
$(if $(AFTER_LINK),; $(AFTER_LINK))
|
||||
|
||||
$(modules:.ko=.ko.unsigned): %.ko.unsigned :%.o %.mod.o FORCE
|
||||
$(call if_changed,ld_ko_unsigned_o)
|
||||
|
||||
targets += $(modules:.ko=.ko.unsigned)
|
||||
|
||||
# Step 7), sign the modules
|
||||
MODSECKEY = ./signing_key.priv
|
||||
MODPUBKEY = ./signing_key.x509
|
||||
|
||||
ifeq ($(wildcard $(MODSECKEY))+$(wildcard $(MODPUBKEY)),$(MODSECKEY)+$(MODPUBKEY))
|
||||
ifeq ($(KBUILD_SRC),)
|
||||
# no O= is being used
|
||||
SCRIPTS_DIR := scripts
|
||||
else
|
||||
SCRIPTS_DIR := $(KBUILD_SRC)/scripts
|
||||
endif
|
||||
SIGN_MODULES := 1
|
||||
else
|
||||
SIGN_MODULES := 0
|
||||
endif
|
||||
|
||||
# only sign if it's an in-tree module
|
||||
ifneq ($(KBUILD_EXTMOD),)
|
||||
SIGN_MODULES := 0
|
||||
endif
|
||||
|
||||
# We strip the module as best we can - note that using both strip and eu-strip
|
||||
# results in a smaller module than using either alone.
|
||||
EU_STRIP = $(shell which eu-strip || echo true)
|
||||
|
||||
quiet_cmd_sign_ko_stripped_ko_unsigned = STRIP [M] $@
|
||||
cmd_sign_ko_stripped_ko_unsigned = \
|
||||
cp $< $@ && \
|
||||
strip -x -g $@ && \
|
||||
$(EU_STRIP) $@
|
||||
|
||||
ifeq ($(SIGN_MODULES),1)
|
||||
|
||||
quiet_cmd_genkeyid = GENKEYID $@
|
||||
cmd_genkeyid = \
|
||||
perl $(SCRIPTS_DIR)/x509keyid $< $<.signer $<.keyid
|
||||
|
||||
%.signer %.keyid: %
|
||||
$(call if_changed,genkeyid)
|
||||
|
||||
KEYRING_DEP := $(MODSECKEY) $(MODPUBKEY) $(MODPUBKEY).signer $(MODPUBKEY).keyid
|
||||
quiet_cmd_sign_ko_ko_stripped = SIGN [M] $@
|
||||
cmd_sign_ko_ko_stripped = \
|
||||
sh $(SCRIPTS_DIR)/sign-file $(MODSECKEY) $(MODPUBKEY) $< $@
|
||||
else
|
||||
KEYRING_DEP :=
|
||||
quiet_cmd_sign_ko_ko_unsigned = NO SIGN [M] $@
|
||||
cmd_sign_ko_ko_unsigned = \
|
||||
cp $< $@
|
||||
endif
|
||||
|
||||
$(modules): %.ko :%.ko.stripped $(KEYRING_DEP) FORCE
|
||||
$(call if_changed,sign_ko_ko_stripped)
|
||||
|
||||
$(patsubst %.ko,%.ko.stripped,$(modules)): %.ko.stripped :%.ko.unsigned FORCE
|
||||
$(call if_changed,sign_ko_stripped_ko_unsigned)
|
||||
|
||||
targets += $(modules)
|
||||
endif
|
||||
|
||||
# Add FORCE to the prequisites of a target to force it to be always rebuilt.
|
||||
# ---------------------------------------------------------------------------
|
||||
|
||||
Reference in New Issue
Block a user