Ack: [SRU precise/lts-backport-raring 1/1] UBUNTU: [Debian] Re-sign modules after debug objcopy
Brad Figg
brad.figg at canonical.com
Fri Mar 7 18:35:23 UTC 2014
On 03/07/2014 10:32 AM, Andy Whitcroft wrote:
> From: Tim Gardner <tim.gardner at canonical.com>
>
> BugLink: http://bugs.launchpad.net/bugs/1253155
>
> Adding a GNU debug link to a module ELF destroys the
> module signature, so re-sign the module file after the objcopy.
>
> objcopy --add-gnu-debuglink=$(dbgpkgdir)/usr/lib/debug/$$module $(pkgdir)/$$module;
> scripts/sign-file $(CONFIG_MODULE_SIG_HASH) $(MODSECKEY) $(MODPUBKEY) $(pkgdir)/$$module;
>
> Signed-off-by: Tim Gardner <tim.gardner at canonical.com>
> Acked-by: Andy Whitcroft <apw at canonical.com>
> Acked-by: Stefan Bader <stefan.bader at canonical.com>
> Signed-off-by: Andy Whitcroft <apw at canonical.com>
> ---
> debian/rules.d/2-binary-arch.mk | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/debian/rules.d/2-binary-arch.mk b/debian/rules.d/2-binary-arch.mk
> index c593ef2..54bc527 100644
> --- a/debian/rules.d/2-binary-arch.mk
> +++ b/debian/rules.d/2-binary-arch.mk
> @@ -54,6 +54,9 @@ install-%: instfile = $(call custom_override,install_file,$*)
> install-%: hdrdir = $(CURDIR)/debian/$(basepkg)-$*/usr/src/$(basepkg)-$*
> install-%: target_flavour = $*
> install-%: dtb_files = $(dtb_files_$*)
> +install-%: CONFIG_MODULE_SIG_HASH=sha512
> +install-%: MODSECKEY=$(builddir)/build-$*/signing_key.priv
> +install-%: MODPUBKEY=$(builddir)/build-$*/signing_key.x509
> install-%: checks-%
> @echo Debug: $@ kernel_file $(kernel_file) kernfile $(kernfile) install_file $(install_file) instfile $(instfile)
> dh_testdir
> @@ -212,6 +215,8 @@ ifneq ($(skipdbg),true)
> $(CROSS_COMPILE)objcopy \
> --add-gnu-debuglink=$(dbgpkgdir)/usr/lib/debug/$$module \
> $(pkgdir)/$$module; \
> + scripts/sign-file $(CONFIG_MODULE_SIG_HASH) $(MODSECKEY) $(MODPUBKEY) \
> + $(pkgdir)/$$module; \
> fi; \
> done
> rm -f $(dbgpkgdir)/usr/lib/debug/lib/modules/$(abi_release)-$*/build
>
--
Brad Figg brad.figg at canonical.com http://www.canonical.com
More information about the kernel-team
mailing list