[PATCH 2/2] MODSIG: use pre-generated X.509 key by MODPUBKEY

[Eric Miao]

If MODPUBKEY is specified and other than default ./signing_key.x509, use
that key instead of generating one on-the-fly.

Signed-off-by: Eric Miao <eric.miao@xxxxxxxxxx>
Cc: David Howells <dhowells@xxxxxxxxxx>
Cc: Dan Willemsen <dwillemsen@xxxxxxxxxx>
---
 kernel/Makefile | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/kernel/Makefile b/kernel/Makefile
index 1ce4755..66c7c32 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -165,6 +165,13 @@ ifndef CONFIG_MODULE_SIG_HASH
 $(error Could not determine digest type to use from kernel config)
 endif
 
+ifneq ($(MODPUBKEY),./signing_key.x509)
+signing_key.x509: $(MODPUBKEY)
+	@echo "###"
+	@echo "### Use pre-generated X.509 key pair for signing modules."
+	@echo "###"
+	cp -f $< $@
+else
 signing_key.priv signing_key.x509: x509.genkey
 	@echo "###"
 	@echo "### Now generating an X.509 key pair to be used for signing modules."
@@ -202,3 +209,4 @@ x509.genkey:
 	@echo >>x509.genkey "subjectKeyIdentifier=hash"
 	@echo >>x509.genkey "authorityKeyIdentifier=keyid"
 endif
+endif
-- 
1.8.4.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/