modsign: Use single PEM file for autogenerated key

The current rule for generating signing_key.priv and signing_key.x509 is a classic example of a bad rule which has a tendency to break parallel make. When invoked to create *either* target, it generates the other target as a side-effect that make didn't predict. So let's switch to using a single file signing_key.pem which contains both key and certificate. That matches what we do in the case of an external key specified by CONFIG_MODULE_SIG_KEY anyway, so it's also slightly cleaner. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: David Howells <dhowells@redhat.com>
author: David Woodhouse <David.Woodhouse@intel.com> 2015-07-20 16:16:30 -0400
committer: David Howells <dhowells@redhat.com> 2015-08-07 11:26:14 -0400
commit: fb1179499134bc718dc7557c7a6a95dc72f224cb (patch)
tree: 5a0b7e87708c275071f4c3079099854a13eee812 /init
parent: 1329e8cc69b93a0b1bc6d197b30dcff628c18dbf (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/init/Kconfig b/init/Kconfig
index e2e0a1d27886..2b119850784b 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -1950,7 +1950,7 @@ config MODULE_SIG_HASH
 config MODULE_SIG_KEY
        string "File name or PKCS#11 URI of module signing key"
-        default "signing_key.priv"
+        default "signing_key.pem"
        depends on MODULE_SIG
        help
         Provide the file name of a private key/certificate in PEM format,
@@ -1958,7 +1958,7 @@ config MODULE_SIG_KEY
         the URI should identify, both the certificate and its corresponding
         private key.
-         If this option is unchanged from its default "signing_key.priv",
+         If this option is unchanged from its default "signing_key.pem",
         then the kernel will automatically generate the private key and
         certificate as described in Documentation/module-signing.txt
author	David Woodhouse <David.Woodhouse@intel.com>	2015-07-20 16:16:30 -0400
committer	David Howells <dhowells@redhat.com>	2015-08-07 11:26:14 -0400
commit	fb1179499134bc718dc7557c7a6a95dc72f224cb (patch)
tree	5a0b7e87708c275071f4c3079099854a13eee812 /init
parent	1329e8cc69b93a0b1bc6d197b30dcff628c18dbf (diff)

diff --git a/init/Kconfig b/init/Kconfig index e2e0a1d27886..2b119850784b 100644 --- a/init/Kconfig +++ b/init/Kconfig
@@ -1950,7 +1950,7 @@ config MODULE_SIG_HASH
1950		1950
1951	config MODULE_SIG_KEY	1951	config MODULE_SIG_KEY
1952	string "File name or PKCS#11 URI of module signing key"	1952	string "File name or PKCS#11 URI of module signing key"
1953	default "signing_key.priv"	1953	default "signing_key.pem"
1954	depends on MODULE_SIG	1954	depends on MODULE_SIG
1955	help	1955	help
1956	Provide the file name of a private key/certificate in PEM format,	1956	Provide the file name of a private key/certificate in PEM format,
@@ -1958,7 +1958,7 @@ config MODULE_SIG_KEY
1958	the URI should identify, both the certificate and its corresponding	1958	the URI should identify, both the certificate and its corresponding
1959	private key.	1959	private key.
1960		1960
1961	If this option is unchanged from its default "signing_key.priv",	1961	If this option is unchanged from its default "signing_key.pem",
1962	then the kernel will automatically generate the private key and	1962	then the kernel will automatically generate the private key and
1963	certificate as described in Documentation/module-signing.txt	1963	certificate as described in Documentation/module-signing.txt
1964		1964