From: "Steven J. Long" <slong@rathaus.eclipse.co.uk>
To: gentoo-dev@lists.gentoo.org
Subject: [gentoo-dev] Re: [RFC] patch linux-mod.eclass to add support for module signing
Date: Fri, 8 Mar 2013 17:44:13 +0000 [thread overview]
Message-ID: <20130308174413.GA1440@rathaus.eclipse.co.uk> (raw)
In-Reply-To: <CA+ZvHYHJEa+9BXkFd6hjMQNyptC1PD+Qxx8ue4CCtLD6DH-xBw@mail.gmail.com>
On Wed, Mar 06, 2013 at 06:25:38PM -0100, Carlos Silva wrote:
> + if ! use module-signing; then
> + return 1
> + fi
use module-signing || return 1
> +
> + # Check that the configuration is correct
> + KERNEL_MODSECKEY="${KERNEL_MODSECKEY:-${KV_DIR}/signing_key.priv}"
No shell field-splits (aka word-split) assignments. If sh did that, then
things like foo=$(cmd ...) would not work; so there's no need to quote
there. It's only needed for foo="$bar baz" and the like, and foo="$*" iff
you're playing with IFS (for completeness.)
That, and case $foo in .. are the *only* two places I know of where sh
doesn't field split; bash also has [[ as below. arr[i]=$bar works, but
arr+=("$bar") requires the quotes.
> + if [ ! -z "${KERNEL_MODSECKEY}x" -a ! -e "${KERNEL_MODSECKEY}" ]; then
What is the x for there? It's forcing the first test to true and is thus
redundant. Also, bash has [[ which doesn't field-split, and is quicker:
if [[ -n $KERNEL_MODSECKEY -a ! -e $KERNEL_MODSECKEY ]]; then
Though from the above, the -n (or ! -z) test is not needed, as it's set to
$KV_DIR/signing_key.priv if empty:
if [[ ! -e $KERNEL_MODSECKEY ]]; then
I think I'd use -s instead of -e here, as an empty file is also incorrect.
(help test)
> + eerror "KERNEL_MODSECKEY points to a missing file:"
> + eerror "${KERNEL_MODSECKEY}"
> + die "Invalid KERNEL_MODSECKEY"
> + fi
> + if [ ! -z "${KERNEL_MODPUBKEY}x" -a ! -e "${KERNEL_MODPUBKEY}" ]; then
Ditto.
--
#friendly-coders -- We're friendly, but we're not /that/ friendly ;-)
prev parent reply other threads:[~2013-03-08 17:21 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-03-06 19:25 [gentoo-dev] [RFC] patch linux-mod.eclass to add support for module signing Carlos Silva
2013-03-06 19:32 ` Steev Klimaszewski
2013-03-06 19:54 ` Carlos Silva
2013-03-06 21:39 ` Peter Stuge
2013-03-06 22:07 ` Carlos Silva
2013-03-06 22:14 ` Peter Stuge
2013-03-06 22:19 ` Carlos Silva
2013-03-08 17:44 ` Steven J. Long [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130308174413.GA1440@rathaus.eclipse.co.uk \
--to=slong@rathaus.eclipse.co.uk \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox