From: Georgy Yakovlev <gyakovlev@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] [PATCH] eclass/linux-mod.eclass: add module signing support
Date: Fri, 21 Sep 2018 19:30:42 -0700 [thread overview]
Message-ID: <2311497.hzvSJFrEj0@reaper.local.sysdump.net> (raw)
In-Reply-To: <63ca33b7-7663-65bc-24a9-b5f4538dbfa8@gentoo.org>
[-- Attachment #1: Type: text/plain, Size: 1001 bytes --]
On Friday, September 21, 2018 3:59:26 PM PDT Chí-Thanh Christopher Nguyễn
wrote:
> Alexander Tsoy schrieb:
> >> + sign_binary_path="${KV_OUT_DIR}/scripts/sign-file"
> >
> > Yet another way to screw up modules building. It relies on some binary
> > in the kernel build dir that may break after openssl update (e.g.
> > soname change).
>
> Maybe the sign-file application could be packaged, for example as part of
> sys-apps/linux-misc-apps.
>
>
> Best regards,
> Chí-Thanh Christopher Nguyễn
linux-mod.eclass already relies on full kernel build dir to be available to
build modules.
and depending on another ebuild means that it has to be keyworded on different
arches to actually support signing on those arches.
simple kbuild approach is better IMO, if a system can build a kernel and
modules means it can sign it.
Maintaining separate package, especially with kernel update pace will be a
nightmare.
--
Regads,
Georgy Yakovlev
Gentoo Linux Developer
[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2018-09-22 2:30 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-21 5:13 [gentoo-dev] [PATCH] eclass/linux-mod.eclass: add module signing support Georgy Yakovlev
2018-09-21 12:58 ` Alexander Tsoy
2018-09-21 22:59 ` Chí-Thanh Christopher Nguyễn
2018-09-22 2:30 ` Georgy Yakovlev [this message]
2018-09-22 2:22 ` Georgy Yakovlev
2018-10-01 8:48 ` [gentoo-dev] [PATCH 1/2] " Georgy Yakovlev
2018-10-01 8:48 ` [gentoo-dev] [PATCH 2/2] profiles: mask module signing for testing Georgy Yakovlev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2311497.hzvSJFrEj0@reaper.local.sysdump.net \
--to=gyakovlev@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox