From: Ionen Wolkens <ionen@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: [gentoo-dev] [PATCH 2/4] profiles/use.desc: create USE=modules-sign global USE flag
Date: Fri, 26 May 2023 00:02:17 -0400 [thread overview]
Message-ID: <20230526040219.10852-3-ionen@gentoo.org> (raw)
In-Reply-To: <20230526040219.10852-1-ionen@gentoo.org>
Similarly to gyakovlev's proposition for signing back in 2018 (with
a module-sign IUSE), linux-mod-r1.eclass will make use of this to
enable/disable signing and it would be inconvenient if consumers
had to define it.
An alternative could be to automagic enable when the kernel has
"sign by default" a bit like compression is handled -- albeit this
can sometime need more configuration and may be unexpected (i.e.
permissions for keys, if keys were moved to a different locations,
passphrases, and dist-kernels unsurprisingly don't install the
private key and would result in failure out-of-the-box).
Having a USE also makes it more obvious that support exists,
and attempting to enable will give bit of explanations if anything
is amiss.
Name-wise, debated between this and 'sign-modules' but fwiw former
sorts better with the already existing 'modules'.
Signed-off-by: Ionen Wolkens <ionen@gentoo.org>
---
profiles/use.desc | 1 +
1 file changed, 1 insertion(+)
diff --git a/profiles/use.desc b/profiles/use.desc
index aa5d16dd652e..bd8cb7031ab8 100644
--- a/profiles/use.desc
+++ b/profiles/use.desc
@@ -192,6 +192,7 @@ mms - Support for Microsoft Media Server (MMS) streams
mng - Add support for libmng (MNG images)
modplug - Add libmodplug support for playing SoundTracker-style music files
modules - Build the kernel modules
+modules-sign - Cryptographically sign installed kernel modules (requires CONFIG_MODULE_SIG=y in the kernel)
mono - Build Mono bindings to support dotnet type stuff
motif - Add support for the Motif toolkit
mp3 - Add support for reading mp3 files
--
2.40.1
next prev parent reply other threads:[~2023-05-26 4:03 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-26 4:02 [gentoo-dev] [PATCH 0/4] linux-mod-r1.eclass: new eclass, rewrite of -r0 Ionen Wolkens
2023-05-26 4:02 ` [gentoo-dev] [PATCH 1/4] profiles/use.desc: create USE=strip global USE flag Ionen Wolkens
2023-05-26 5:06 ` Sam James
2023-05-26 5:25 ` Ionen Wolkens
2023-05-26 4:02 ` Ionen Wolkens [this message]
2023-05-26 4:02 ` [gentoo-dev] [PATCH 3/4] linux-mod-r1.eclass: new eclass, rewrite of linux-mod.eclass Ionen Wolkens
2023-05-28 12:41 ` [gentoo-dev] [PATCH v2] " Ionen Wolkens
2023-05-29 13:10 ` Ionen Wolkens
2023-05-26 4:02 ` [gentoo-dev] [PATCH 4/4] app-admin/ryzen_smu: migrate to linux-mod-r1 Ionen Wolkens
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230526040219.10852-3-ionen@gentoo.org \
--to=ionen@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox