modsign: Extract signing cert from CONFIG_MODULE_SIG_KEY if needed
Where an external PEM file or PKCS#11 URI is given, we can get the cert from it for ourselves instead of making the user drop signing_key.x509 in place for us. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: David Howells <dhowells@redhat.com>
This commit is contained in:
committed by
David Howells
parent
19e91b69d7
commit
1329e8cc69
+2
-1
@@ -16,11 +16,12 @@ hostprogs-$(CONFIG_VT) += conmakehash
|
||||
hostprogs-$(BUILD_C_RECORDMCOUNT) += recordmcount
|
||||
hostprogs-$(CONFIG_BUILDTIME_EXTABLE_SORT) += sortextable
|
||||
hostprogs-$(CONFIG_ASN1) += asn1_compiler
|
||||
hostprogs-$(CONFIG_MODULE_SIG) += sign-file
|
||||
hostprogs-$(CONFIG_MODULE_SIG) += sign-file extract-cert
|
||||
|
||||
HOSTCFLAGS_sortextable.o = -I$(srctree)/tools/include
|
||||
HOSTCFLAGS_asn1_compiler.o = -I$(srctree)/include
|
||||
HOSTLOADLIBES_sign-file = -lcrypto
|
||||
HOSTLOADLIBES_extract-cert = -lcrypto
|
||||
|
||||
always := $(hostprogs-y) $(hostprogs-m)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user