From nobody Sun Feb 8 10:16:51 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 04233C6FD1D for ; Tue, 21 Mar 2023 19:34:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230310AbjCUTez (ORCPT ); Tue, 21 Mar 2023 15:34:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50370 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230287AbjCUTeq (ORCPT ); Tue, 21 Mar 2023 15:34:46 -0400 Received: from mail-pf1-x42d.google.com (mail-pf1-x42d.google.com [IPv6:2607:f8b0:4864:20::42d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 127EC570B5 for ; Tue, 21 Mar 2023 12:34:09 -0700 (PDT) Received: by mail-pf1-x42d.google.com with SMTP id fd25so9747574pfb.1 for ; Tue, 21 Mar 2023 12:34:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1679427226; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=JfE1Pm3xCC/xMjfmbV6dg9bDdIIYNa99PYfAs69HM0w=; b=lg/FcqI+lffJF0M/bbmFlheKKJUVTXCS5F8jAhnrBAvXyA2IqG/9hmNjzvsDp5ngKk SDO3W2J+fE6lLOj/TSKcsSfKiFb6PBXyAUEVycnCvhNuN9U4QO10ihmPCnwMX6t+okTd V7073khKaNF0l7HH0sODuuxEBuR26SC2Sfr3Ejf/A3DwrerYutz/aKdNC06BGtcx9VTd jOqI5hf/s5xGB8YKp8zGdbn0XnRG5QE7Io2dLaEw2EDU6RVp+0sQBepgBPbMNnM1vGVC w2gtIizlYIO1WyZAXij+vlqgRARBPm42MVPHtG3mEBeVhkuHvcJl9KuzowBZXUqqcm+P ELjQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679427226; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=JfE1Pm3xCC/xMjfmbV6dg9bDdIIYNa99PYfAs69HM0w=; b=EycJZurnMRKaNtbX9dO0lkGbc2874R1xwH37vsERv4GSiRcqjNFXyQNcKfdgoQCLir C9Y2TX/5Z1RO8h9Q4jLrVKwd4ET+uxWuartUjIxLWn54dRlyT0iQErQ9D1D9u7WlFcL+ Rzb54LhQ8OsPRnq5EL6pWlV9kwz1f+vRdhGSLzr9Yh9SgcdmfC795gVip2Q4AqoJtPy5 qyUK9YLjRALEsrfQ6Dv5qa1YHZgJI0pvT5JGj+mG4ivQA8GohclChNDilLqL4bWjrmMJ Tsh3y/gU2tvHVzFFclSnR5aLMeyq/YJ0TeQIY2kfY55La4dcKa/vN4zoInzMJtGSauaD 0AyQ== X-Gm-Message-State: AO0yUKXAn7Kq+WcFipmZkubkO6+9cgkbmRpOdXeWo0Ec3Ybm6KP4x9H4 jmstKnTCBbBo/srwNR0LEHc= X-Google-Smtp-Source: AK7set+AIpPB2wg+jmk+XWvuY7jaNO6CT8aybg2knfYtPhrLXe9DgrH3ebZsJ6n8B4fdOysRGySkBA== X-Received: by 2002:a05:6a00:2e1e:b0:626:2bb0:30d4 with SMTP id fc30-20020a056a002e1e00b006262bb030d4mr1076267pfb.8.1679427226423; Tue, 21 Mar 2023 12:33:46 -0700 (PDT) Received: from f37.eng.vmware.com ([66.170.99.1]) by smtp.googlemail.com with ESMTPSA id k23-20020aa790d7000000b006247123adf1sm8843044pfk.143.2023.03.21.12.33.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Mar 2023 12:33:46 -0700 (PDT) From: Shreenidhi Shedi X-Google-Original-From: Shreenidhi Shedi To: gregkh@linuxfoundation.org, dhowells@redhat.com, dwmw2@infradead.org Cc: linux-kernel@vger.kernel.org, sshedi@vmware.com, yesshedi@gmail.com Subject: [PATCH v6 1/7] sign-file: use getopt_long_only for parsing input args Date: Wed, 22 Mar 2023 01:03:35 +0530 Message-Id: <20230321193341.87997-2-sshedi@vmware.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230321193341.87997-1-sshedi@vmware.com> References: <20230321193341.87997-1-sshedi@vmware.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Shreenidhi Shedi - getopt_long_only gives an option to use long names for options, so using it here to make the app usage easier. - Use more easy to remember command line argument names - Introduce cmd_opts structure to ease the handling of command line args Signed-off-by: Shreenidhi Shedi --- scripts/sign-file.c | 97 ++++++++++++++++++++++++++++++++++++--------- 1 file changed, 78 insertions(+), 19 deletions(-) diff --git a/scripts/sign-file.c b/scripts/sign-file.c index 598ef5465f82..94228865b6cc 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -213,15 +213,77 @@ static X509 *read_x509(const char *x509_name) return x509; } =20 +struct cmd_opts { + char *raw_sig_name; + bool save_sig; + bool replace_orig; + bool raw_sig; + bool sign_only; +#ifndef USE_PKCS7 + unsigned int use_keyid; +#endif +}; + +static void parse_args(int argc, char **argv, struct cmd_opts *opts) +{ + struct option cmd_options[] =3D { + {"rawsig", required_argument, 0, 's'}, + {"savesig", no_argument, 0, 'p'}, + {"signonly", no_argument, 0, 'd'}, +#ifndef USE_PKCS7 + {"usekeyid", no_argument, 0, 'k'}, +#endif + {0, 0, 0, 0} + }; + + int opt; + int opt_index =3D 0; + + do { +#ifndef USE_PKCS7 + opt =3D getopt_long_only(argc, argv, "pds:", + cmd_options, &opt_index); +#else + opt =3D getopt_long_only(argc, argv, "pdks:", + cmd_options, &opt_index); +#endif + switch (opt) { + case 's': + opts->raw_sig =3D true; + opts->raw_sig_name =3D optarg; + break; + + case 'p': + opts->save_sig =3D true; + break; + + case 'd': + opts->sign_only =3D true; + opts->save_sig =3D true; + break; + +#ifndef USE_PKCS7 + case 'k': + opts->use_keyid =3D CMS_USE_KEYID; + break; +#endif + + case -1: + break; + + default: + format(); + break; + } + } while (opt !=3D -1); +} + int main(int argc, char **argv) { struct module_signature sig_info =3D { .id_type =3D PKEY_ID_PKCS7 }; char *hash_algo =3D NULL; - char *private_key_name =3D NULL, *raw_sig_name =3D NULL; + char *private_key_name =3D NULL; char *x509_name, *module_name, *dest_name; - bool save_sig =3D false, replace_orig; - bool sign_only =3D false; - bool raw_sig =3D false; unsigned char buf[4096]; unsigned long module_size, sig_size; unsigned int use_signed_attrs; @@ -229,13 +291,14 @@ int main(int argc, char **argv) EVP_PKEY *private_key; #ifndef USE_PKCS7 CMS_ContentInfo *cms =3D NULL; - unsigned int use_keyid =3D 0; #else PKCS7 *pkcs7 =3D NULL; #endif X509 *x509; BIO *bd, *bm; - int opt, n; + int n; + struct cmd_opts opts =3D {}; + OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); ERR_clear_error(); @@ -247,23 +310,19 @@ int main(int argc, char **argv) #else use_signed_attrs =3D PKCS7_NOATTR; #endif + parse_args(argc, argv, &opts); + argc -=3D optind; + argv +=3D optind; =20 - do { - opt =3D getopt(argc, argv, "sdpk"); - switch (opt) { - case 's': raw_sig =3D true; break; - case 'p': save_sig =3D true; break; - case 'd': sign_only =3D true; save_sig =3D true; break; + const char *raw_sig_name =3D opts.raw_sig_name; + const bool save_sig =3D opts.save_sig; + const bool raw_sig =3D opts.raw_sig; + const bool sign_only =3D opts.sign_only; + bool replace_orig =3D opts.replace_orig; #ifndef USE_PKCS7 - case 'k': use_keyid =3D CMS_USE_KEYID; break; + const unsigned int use_keyid =3D opts.use_keyid; #endif - case -1: break; - default: format(); - } - } while (opt !=3D -1); =20 - argc -=3D optind; - argv +=3D optind; if (argc < 4 || argc > 5) format(); =20 --=20 2.39.2 From nobody Sun Feb 8 10:16:51 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DA53AC761A6 for ; Tue, 21 Mar 2023 19:35:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230338AbjCUTe6 (ORCPT ); Tue, 21 Mar 2023 15:34:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50100 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230335AbjCUTeu (ORCPT ); Tue, 21 Mar 2023 15:34:50 -0400 Received: from mail-pj1-x1035.google.com (mail-pj1-x1035.google.com [IPv6:2607:f8b0:4864:20::1035]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 90E1C574C4 for ; Tue, 21 Mar 2023 12:34:17 -0700 (PDT) Received: by mail-pj1-x1035.google.com with SMTP id p13-20020a17090a284d00b0023d2e945aebso2415004pjf.0 for ; Tue, 21 Mar 2023 12:34:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1679427227; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=FM7lFg55AWwHloU3VtuYwjKc3tGgKt3dHUyfvh4gsro=; b=OEsme06LsrF0p1EIgKOcNvPW+Lf/MlmVl7LKGbSSJdH7Xh1xX0o9mZVN47VxGvJe5t vcvLEdc3NIZKRjoEGhvX3m4108ocAR2XL346j+6f8LgET5c4hA3LzpAo1enY+HEqhduU N1QK970nSgao7xV6Axt9ChcFBanu7L7hXG6woYEKbIYXhRaMU06GU+3Eaj3BDOFGYb0k SRnBLSYqBV7U1NDxLwG0v+PMXMASHsenRwkgxONYeSl0j7KcwHKBeBVKm5HE1Dr1EuhU cgemdv50+Rep74h0sFxor9ww+6LCXlr0ZYaCz4SNLZLq0zbDfmL9Fn8p5gHZCudCZIgP oUEw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679427227; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=FM7lFg55AWwHloU3VtuYwjKc3tGgKt3dHUyfvh4gsro=; b=tM7/fw89Fam4hlTKRDhgQfgwGCulshWJMjlMOCeVrLLfGrzuyGPjTqWaeHItjfl3Ke ISl2TV/qWBbMjHFa9/XTPLv8giDJM6Cs8T0HhPuGsXJ7so/dAlk7CEAeqPsirbD8gBAC EqZFLo/IWYDOikwfzdnoRyVk0PxmLu9kBHZG2BVU+I2i6lgaop10as8C4HtZXuk7m8IO VyZtDqGh/Ezkz4DuSty69iARz9YqoyLTyx/Pa8Fmy6c0xkYCWRAkh25r/xDxvmeMEK9M 53OtqI65MLHMgBDUXa7e3kcAEkWrPZFqx9fyeOEfjPmJZgwKPCcfNm/87zaqufib4Jzs jQFg== X-Gm-Message-State: AO0yUKUhWBhTOH12NZOGJfyXPJq+QzBShp96Ynm24cyqeJJF5cq6DeIZ BImZm/2vz6o08euUw49MMKwFbFDLTA1Y0Q== X-Google-Smtp-Source: AK7set/+3hnQ6QEPr3sQIY0zFpfbjrGHkfYTqKfNE1nFSbB2wvOSsZYUgcUbK2hprr3x4lAJInLPDA== X-Received: by 2002:a05:6a20:c526:b0:cb:af96:ace7 with SMTP id gm38-20020a056a20c52600b000cbaf96ace7mr2957976pzb.46.1679427227642; Tue, 21 Mar 2023 12:33:47 -0700 (PDT) Received: from f37.eng.vmware.com ([66.170.99.1]) by smtp.googlemail.com with ESMTPSA id k23-20020aa790d7000000b006247123adf1sm8843044pfk.143.2023.03.21.12.33.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Mar 2023 12:33:47 -0700 (PDT) From: Shreenidhi Shedi X-Google-Original-From: Shreenidhi Shedi To: gregkh@linuxfoundation.org, dhowells@redhat.com, dwmw2@infradead.org Cc: linux-kernel@vger.kernel.org, sshedi@vmware.com, yesshedi@gmail.com Subject: [PATCH v6 2/7] sign-file: inntroduce few new flags to make argument processing easy. Date: Wed, 22 Mar 2023 01:03:36 +0530 Message-Id: <20230321193341.87997-3-sshedi@vmware.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230321193341.87997-1-sshedi@vmware.com> References: <20230321193341.87997-1-sshedi@vmware.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Shreenidhi Shedi - Add some more options like help, x509, hashalgo to command line args - This makes it easy to handle and use command line args wherever needed Signed-off-by: Shreenidhi Shedi --- scripts/sign-file.c | 63 ++++++++++++++++++++++++++++++++------------- 1 file changed, 45 insertions(+), 18 deletions(-) diff --git a/scripts/sign-file.c b/scripts/sign-file.c index 94228865b6cc..b0f340ea629b 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -215,6 +215,11 @@ static X509 *read_x509(const char *x509_name) =20 struct cmd_opts { char *raw_sig_name; + char *hash_algo; + char *dest_name; + char *private_key_name; + char *x509_name; + char *module_name; bool save_sig; bool replace_orig; bool raw_sig; @@ -233,6 +238,12 @@ static void parse_args(int argc, char **argv, struct c= md_opts *opts) #ifndef USE_PKCS7 {"usekeyid", no_argument, 0, 'k'}, #endif + {"help", no_argument, 0, 'h'}, + {"privkey", required_argument, 0, 'i'}, + {"hashalgo", required_argument, 0, 'a'}, + {"x509", required_argument, 0, 'x'}, + {"dest", required_argument, 0, 'd'}, + {"replaceorig", required_argument, 0, 'r'}, {0, 0, 0, 0} }; =20 @@ -241,10 +252,10 @@ static void parse_args(int argc, char **argv, struct = cmd_opts *opts) =20 do { #ifndef USE_PKCS7 - opt =3D getopt_long_only(argc, argv, "pds:", + opt =3D getopt_long_only(argc, argv, "hpds:i:a:x:t:r:", cmd_options, &opt_index); #else - opt =3D getopt_long_only(argc, argv, "pdks:", + opt =3D getopt_long_only(argc, argv, "hpdks:i:a:x:t:r:", cmd_options, &opt_index); #endif switch (opt) { @@ -268,6 +279,30 @@ static void parse_args(int argc, char **argv, struct c= md_opts *opts) break; #endif =20 + case 'h': + format(); + break; + + case 'i': + opts->private_key_name =3D optarg; + break; + + case 'a': + opts->hash_algo =3D optarg; + break; + + case 'x': + opts->x509_name =3D optarg; + break; + + case 't': + opts->dest_name =3D optarg; + break; + + case 'r': + opts->replace_orig =3D true; + break; + case -1: break; =20 @@ -281,9 +316,6 @@ static void parse_args(int argc, char **argv, struct cm= d_opts *opts) int main(int argc, char **argv) { struct module_signature sig_info =3D { .id_type =3D PKEY_ID_PKCS7 }; - char *hash_algo =3D NULL; - char *private_key_name =3D NULL; - char *x509_name, *module_name, *dest_name; unsigned char buf[4096]; unsigned long module_size, sig_size; unsigned int use_signed_attrs; @@ -315,32 +347,27 @@ int main(int argc, char **argv) argv +=3D optind; =20 const char *raw_sig_name =3D opts.raw_sig_name; + const char *hash_algo =3D opts.hash_algo; + const char *private_key_name =3D opts.private_key_name; + const char *x509_name =3D opts.x509_name; + const char *module_name =3D opts.module_name; const bool save_sig =3D opts.save_sig; const bool raw_sig =3D opts.raw_sig; const bool sign_only =3D opts.sign_only; bool replace_orig =3D opts.replace_orig; + char *dest_name =3D opts.dest_name; #ifndef USE_PKCS7 const unsigned int use_keyid =3D opts.use_keyid; #endif =20 - if (argc < 4 || argc > 5) + if (!argv[0] || argc !=3D 1) format(); =20 - if (raw_sig) { - raw_sig_name =3D argv[0]; - hash_algo =3D argv[1]; - } else { - hash_algo =3D argv[0]; - private_key_name =3D argv[1]; - } - x509_name =3D argv[2]; - module_name =3D argv[3]; - if (argc =3D=3D 5 && strcmp(argv[3], argv[4]) !=3D 0) { - dest_name =3D argv[4]; + if (dest_name && strcmp(argv[0], dest_name)) { replace_orig =3D false; } else { ERR(asprintf(&dest_name, "%s.~signed~", module_name) < 0, - "asprintf"); + "asprintf"); replace_orig =3D true; } =20 --=20 2.39.2 From nobody Sun Feb 8 10:16:51 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9ABE9C6FD1D for ; Tue, 21 Mar 2023 19:35:04 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230005AbjCUTfD (ORCPT ); Tue, 21 Mar 2023 15:35:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50328 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230150AbjCUTex (ORCPT ); Tue, 21 Mar 2023 15:34:53 -0400 Received: from mail-pg1-x535.google.com (mail-pg1-x535.google.com [IPv6:2607:f8b0:4864:20::535]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 07B1751FB6 for ; Tue, 21 Mar 2023 12:34:21 -0700 (PDT) Received: by mail-pg1-x535.google.com with SMTP id z10so9244671pgr.8 for ; Tue, 21 Mar 2023 12:34:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1679427229; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=5Oo/FZImW1n4zfpwScbuIRgqzfc5FTR90WfjICpgjYY=; b=qmZpSIfpWYAKRT4ivLO12P8UyoT/CCgdnL1STGR3Il1eppWJhkgrMsSP7rAadKZEkR T7rQVB1p1iDe+c5NRSIFpMLR+HTvMgA8QylzdZqYhQQs10y9NeBKDvwHsDis3O3yqIZi 0jAusE3CDt5M2agEtLxXzN6sEjSdNk4Cm2M1zyBzgjmO4XJensLnqX41QYfiA1ZsudIM UF19BxkLcsQXR2jtkOXFE91J36bHjWq/IzfFTJch+zX+l/FC064sTtZjk2uaK5/aDkuc IbSY+P2/g7kp+rEG258cNom3O8mGzJhk/8H8p+KKklz0zkBnXJ/8QlVNdjhj7dULYyha R0pQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679427229; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5Oo/FZImW1n4zfpwScbuIRgqzfc5FTR90WfjICpgjYY=; b=ildqOAipO0wLxj8hJPz9HUAwLRDXnXgF7sxrnGAFEpnjixuI/miK1OMRJxBuCSZwdJ UFYy7S92NQGAVqe9bqHdlZ9breIhQxLzC3Qq5t4bmCD6vW2UWcrMSTyVhVoICYd+aDKC ra3yFz8ZJ0uX+O5dHR54Q78E+ccCNmGajGGGqCcoyWWOLFF4KUoGSM51H+aAJcID9k3Y R/qRJFv7UXIiqonSUxtIviQdaO7R7KlSEE1rFrAKIuUFZdXTxKNp2uWUUq4zKrfTmm4U KD7s2wbe2D0DTXi6gaA1WZnGRsEoYDrTyGdEw88LbJ9yO4dV1V2nJkVLZ2JwE+y04KA5 t9wA== X-Gm-Message-State: AO0yUKXYkmezevzSCoWohxT50r3vnsOiSLjSmYbt5c1N5yFLvQlF48dt p1NV6oCmm7JrCNHRRN5ixvI= X-Google-Smtp-Source: AK7set+emupAH4Slu2tD6a5SF7w4s78HLlTl3wXKBJ1G2/2QdDq5OqPqnEKcKKs5asEkSgmS8qSo0g== X-Received: by 2002:a62:1758:0:b0:625:13f3:9409 with SMTP id 85-20020a621758000000b0062513f39409mr865114pfx.26.1679427228843; Tue, 21 Mar 2023 12:33:48 -0700 (PDT) Received: from f37.eng.vmware.com ([66.170.99.1]) by smtp.googlemail.com with ESMTPSA id k23-20020aa790d7000000b006247123adf1sm8843044pfk.143.2023.03.21.12.33.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Mar 2023 12:33:48 -0700 (PDT) From: Shreenidhi Shedi X-Google-Original-From: Shreenidhi Shedi To: gregkh@linuxfoundation.org, dhowells@redhat.com, dwmw2@infradead.org Cc: linux-kernel@vger.kernel.org, sshedi@vmware.com, yesshedi@gmail.com Subject: [PATCH v6 3/7] sign-file: move file signing logic to its own function Date: Wed, 22 Mar 2023 01:03:37 +0530 Message-Id: <20230321193341.87997-4-sshedi@vmware.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230321193341.87997-1-sshedi@vmware.com> References: <20230321193341.87997-1-sshedi@vmware.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Shreenidhi Shedi Keep the main function bare minimal and do less in main function. This patch is pre-work for bulk module signing support. Signed-off-by: Shreenidhi Shedi --- scripts/sign-file.c | 115 +++++++++++++++++++++----------------------- 1 file changed, 54 insertions(+), 61 deletions(-) diff --git a/scripts/sign-file.c b/scripts/sign-file.c index b0f340ea629b..64d5e00f08e2 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -313,10 +313,10 @@ static void parse_args(int argc, char **argv, struct = cmd_opts *opts) } while (opt !=3D -1); } =20 -int main(int argc, char **argv) +static int sign_single_file(struct cmd_opts *opts) { struct module_signature sig_info =3D { .id_type =3D PKEY_ID_PKCS7 }; - unsigned char buf[4096]; + unsigned char buf[4096] =3D {}; unsigned long module_size, sig_size; unsigned int use_signed_attrs; const EVP_MD *digest_algo; @@ -329,11 +329,6 @@ int main(int argc, char **argv) X509 *x509; BIO *bd, *bm; int n; - struct cmd_opts opts =3D {}; - - OpenSSL_add_all_algorithms(); - ERR_load_crypto_strings(); - ERR_clear_error(); =20 key_pass =3D getenv("KBUILD_SIGN_PIN"); =20 @@ -342,34 +337,6 @@ int main(int argc, char **argv) #else use_signed_attrs =3D PKCS7_NOATTR; #endif - parse_args(argc, argv, &opts); - argc -=3D optind; - argv +=3D optind; - - const char *raw_sig_name =3D opts.raw_sig_name; - const char *hash_algo =3D opts.hash_algo; - const char *private_key_name =3D opts.private_key_name; - const char *x509_name =3D opts.x509_name; - const char *module_name =3D opts.module_name; - const bool save_sig =3D opts.save_sig; - const bool raw_sig =3D opts.raw_sig; - const bool sign_only =3D opts.sign_only; - bool replace_orig =3D opts.replace_orig; - char *dest_name =3D opts.dest_name; -#ifndef USE_PKCS7 - const unsigned int use_keyid =3D opts.use_keyid; -#endif - - if (!argv[0] || argc !=3D 1) - format(); - - if (dest_name && strcmp(argv[0], dest_name)) { - replace_orig =3D false; - } else { - ERR(asprintf(&dest_name, "%s.~signed~", module_name) < 0, - "asprintf"); - replace_orig =3D true; - } =20 #ifdef USE_PKCS7 if (strcmp(hash_algo, "sha1") !=3D 0) { @@ -380,20 +347,20 @@ int main(int argc, char **argv) #endif =20 /* Open the module file */ - bm =3D BIO_new_file(module_name, "rb"); - ERR(!bm, "%s", module_name); + bm =3D BIO_new_file(opts->module_name, "rb"); + ERR(!bm, "%s", opts->module_name); =20 - if (!raw_sig) { + if (!opts->raw_sig) { /* Read the private key and the X.509 cert the PKCS#7 message * will point to. */ - private_key =3D read_private_key(private_key_name); - x509 =3D read_x509(x509_name); + private_key =3D read_private_key(opts->private_key_name); + x509 =3D read_x509(opts->x509_name); =20 /* Digest the module data. */ OpenSSL_add_all_digests(); display_openssl_errors(__LINE__); - digest_algo =3D EVP_get_digestbyname(hash_algo); + digest_algo =3D EVP_get_digestbyname(opts->hash_algo); ERR(!digest_algo, "EVP_get_digestbyname"); =20 #ifndef USE_PKCS7 @@ -405,7 +372,7 @@ int main(int argc, char **argv) =20 ERR(!CMS_add1_signer(cms, x509, private_key, digest_algo, CMS_NOCERTS | CMS_BINARY | - CMS_NOSMIMECAP | use_keyid | + CMS_NOSMIMECAP | opts->use_keyid | use_signed_attrs), "CMS_add1_signer"); ERR(CMS_final(cms, bm, NULL, CMS_NOCERTS | CMS_BINARY) < 0, @@ -418,11 +385,11 @@ int main(int argc, char **argv) ERR(!pkcs7, "PKCS7_sign"); #endif =20 - if (save_sig) { + if (opts->save_sig) { char *sig_file_name; BIO *b; =20 - ERR(asprintf(&sig_file_name, "%s.p7s", module_name) < 0, + ERR(asprintf(&sig_file_name, "%s.p7s", opts->module_name) < 0, "asprintf"); b =3D BIO_new_file(sig_file_name, "wb"); ERR(!b, "%s", sig_file_name); @@ -436,7 +403,7 @@ int main(int argc, char **argv) BIO_free(b); } =20 - if (sign_only) { + if (opts->sign_only) { BIO_free(bm); return 0; } @@ -445,24 +412,24 @@ int main(int argc, char **argv) /* Open the destination file now so that we can shovel the module data * across as we read it. */ - bd =3D BIO_new_file(dest_name, "wb"); - ERR(!bd, "%s", dest_name); + bd =3D BIO_new_file(opts->dest_name, "wb"); + ERR(!bd, "%s", opts->dest_name); =20 /* Append the marker and the PKCS#7 message to the destination file */ - ERR(BIO_reset(bm) < 0, "%s", module_name); + ERR(BIO_reset(bm) < 0, "%s", opts->module_name); while ((n =3D BIO_read(bm, buf, sizeof(buf))), n > 0) { - ERR(BIO_write(bd, buf, n) < 0, "%s", dest_name); + ERR(BIO_write(bd, buf, n) < 0, "%s", opts->dest_name); } BIO_free(bm); - ERR(n < 0, "%s", module_name); + ERR(n < 0, "%s", opts->module_name); module_size =3D BIO_number_written(bd); =20 - if (!raw_sig) { + if (!opts->raw_sig) { #ifndef USE_PKCS7 - ERR(i2d_CMS_bio_stream(bd, cms, NULL, 0) < 0, "%s", dest_name); + ERR(i2d_CMS_bio_stream(bd, cms, NULL, 0) < 0, "%s", opts->dest_name); #else - ERR(i2d_PKCS7_bio(bd, pkcs7) < 0, "%s", dest_name); + ERR(i2d_PKCS7_bio(bd, pkcs7) < 0, "%s", opts->dest_name); #endif } else { BIO *b; @@ -470,23 +437,49 @@ int main(int argc, char **argv) /* Read the raw signature file and write the data to the * destination file */ - b =3D BIO_new_file(raw_sig_name, "rb"); - ERR(!b, "%s", raw_sig_name); + b =3D BIO_new_file(opts->raw_sig_name, "rb"); + ERR(!b, "%s", opts->raw_sig_name); while ((n =3D BIO_read(b, buf, sizeof(buf))), n > 0) - ERR(BIO_write(bd, buf, n) < 0, "%s", dest_name); + ERR(BIO_write(bd, buf, n) < 0, "%s", opts->dest_name); BIO_free(b); } =20 sig_size =3D BIO_number_written(bd) - module_size; sig_info.sig_len =3D htonl(sig_size); - ERR(BIO_write(bd, &sig_info, sizeof(sig_info)) < 0, "%s", dest_name); - ERR(BIO_write(bd, magic_number, sizeof(magic_number) - 1) < 0, "%s", dest= _name); + ERR(BIO_write(bd, &sig_info, sizeof(sig_info)) < 0, "%s", opts->dest_name= ); + ERR(BIO_write(bd, magic_number, sizeof(magic_number) - 1) < 0, "%s", opts= ->dest_name); =20 - ERR(BIO_free(bd) < 0, "%s", dest_name); + ERR(BIO_free(bd) < 0, "%s", opts->dest_name); =20 /* Finally, if we're signing in place, replace the original. */ - if (replace_orig) - ERR(rename(dest_name, module_name) < 0, "%s", dest_name); + if (opts->replace_orig) + ERR(rename(opts->dest_name, opts->module_name) < 0, "%s", opts->dest_nam= e); =20 return 0; } + +int main(int argc, char **argv) +{ + struct cmd_opts opts =3D {}; + + parse_args(argc, argv, &opts); + argc -=3D optind; + argv +=3D optind; + + if (!argv[0] || argc !=3D 1) + format(); + + if (opts.dest_name && strcmp(argv[0], opts.dest_name)) { + opts.replace_orig =3D false; + } else { + ERR(asprintf(&opts.dest_name, "%s.~signed~", opts.module_name) < 0, + "asprintf"); + opts.replace_orig =3D true; + } + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + ERR_clear_error(); + + return sign_single_file(&opts); +} --=20 2.39.2 From nobody Sun Feb 8 10:16:51 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8E1E7C6FD20 for ; Tue, 21 Mar 2023 19:35:12 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230380AbjCUTfK (ORCPT ); Tue, 21 Mar 2023 15:35:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50700 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230305AbjCUTez (ORCPT ); Tue, 21 Mar 2023 15:34:55 -0400 Received: from mail-pg1-x52a.google.com (mail-pg1-x52a.google.com [IPv6:2607:f8b0:4864:20::52a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id ABBF0574E4 for ; Tue, 21 Mar 2023 12:34:22 -0700 (PDT) Received: by mail-pg1-x52a.google.com with SMTP id x37so9252474pga.1 for ; Tue, 21 Mar 2023 12:34:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1679427230; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=W3N8NUnKA3HwSL7nYHdw0w+EtU7IHilem2dLWFayh5k=; b=RbOrVHhg3QC92FG4M8NH1A9CHpBOxwgCfNcSU0r1ajVz1O3USM2vHkVvh3wqmGVdQz w+f/QA/GaY66tCL85qKkr2zlcANyXc2wW+koDAQuRRR8AffIlsQj4ELcBLyjUCct73MN r8mmWwVNQSFouKAV6BFpVTxmKN038rmDRdRBJmu2rKin58MgWUuyodQ/B407fFtmzDQG 0nvD+H0HSr05VEAFjLsqsCgalo3CQCMaGmenpXLGoVfhM7W57CZ5wTGuEhmkgDtVKiuP q8TYytBLOhwsMtSeZC9Bwhby6mxn/xq7iBHHeg0ixpFCLPlivaoNXpX+i6VniUsfOuMZ I2ig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679427230; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=W3N8NUnKA3HwSL7nYHdw0w+EtU7IHilem2dLWFayh5k=; b=g4s/ZyQ/1ALhzTHYzmB7h8kehNWjIcxJ5Ojdm5wVAgGeXwzB+Q3qKQkn3nnXTNxkMy sw3e2JCJftXwB3OKpaV2HIdK4cFQresPfcmBWXadt3YhEpM5i9zK6J6qReWHd4Y9Qx/I pXhG+DM6FYNjOp3YvdT1xKBMFfs18hh8eau3NyHii+97RjKYOKOjF1D2TbbgqK30S9Tv 6cyyx8zAqzKJbfyWkKswHFsMA1eKx6nqlLF7Jt4WZDod1ZycU5YOUCo3JajylNV/bGyf /tLwFZZ+45BfxRc2f0LMn6YqVHmkE2gNmYXsB37e7xLEUERt3H0kFjtbTcs97ftYgT9l 3waw== X-Gm-Message-State: AO0yUKXGmJxp0ueBo0TGd8A2Zvmxyj1RZr5cAyQxa+P19Z7qhCVN0C3E cfalQ/NOWfCxOy480BYgSEM= X-Google-Smtp-Source: AK7set/Ca0O1fsLGwZB7jf/8/I6Zv7j9dJPZ3P31DwNOkJJ1pej1yb0uGNi/OJ4DXJ3ADX3x/04Yyg== X-Received: by 2002:a62:7b8a:0:b0:625:83a1:78e8 with SMTP id w132-20020a627b8a000000b0062583a178e8mr855909pfc.19.1679427230059; Tue, 21 Mar 2023 12:33:50 -0700 (PDT) Received: from f37.eng.vmware.com ([66.170.99.1]) by smtp.googlemail.com with ESMTPSA id k23-20020aa790d7000000b006247123adf1sm8843044pfk.143.2023.03.21.12.33.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Mar 2023 12:33:49 -0700 (PDT) From: Shreenidhi Shedi X-Google-Original-From: Shreenidhi Shedi To: gregkh@linuxfoundation.org, dhowells@redhat.com, dwmw2@infradead.org Cc: linux-kernel@vger.kernel.org, sshedi@vmware.com, yesshedi@gmail.com Subject: [PATCH v6 4/7] sign-file: add support to sign modules in bulk Date: Wed, 22 Mar 2023 01:03:38 +0530 Message-Id: <20230321193341.87997-5-sshedi@vmware.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230321193341.87997-1-sshedi@vmware.com> References: <20230321193341.87997-1-sshedi@vmware.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Shreenidhi Shedi In the existing system, we need to invoke sign-file binary for every module we want to sign. This patch adds support to give modules list in bulk and it will sign them all one by one. Signed-off-by: Shreenidhi Shedi --- scripts/sign-file.c | 41 +++++++++++++++++++++++++++-------------- 1 file changed, 27 insertions(+), 14 deletions(-) diff --git a/scripts/sign-file.c b/scripts/sign-file.c index 64d5e00f08e2..0a275256ca16 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -224,6 +224,7 @@ struct cmd_opts { bool replace_orig; bool raw_sig; bool sign_only; + bool bulk_sign; #ifndef USE_PKCS7 unsigned int use_keyid; #endif @@ -252,10 +253,10 @@ static void parse_args(int argc, char **argv, struct = cmd_opts *opts) =20 do { #ifndef USE_PKCS7 - opt =3D getopt_long_only(argc, argv, "hpds:i:a:x:t:r:", + opt =3D getopt_long_only(argc, argv, "hpdbs:i:a:x:t:r:", cmd_options, &opt_index); #else - opt =3D getopt_long_only(argc, argv, "hpdks:i:a:x:t:r:", + opt =3D getopt_long_only(argc, argv, "hpdkbs:i:a:x:t:r:", cmd_options, &opt_index); #endif switch (opt) { @@ -303,6 +304,10 @@ static void parse_args(int argc, char **argv, struct c= md_opts *opts) opts->replace_orig =3D true; break; =20 + case 'b': + opts->bulk_sign =3D true; + break; + case -1: break; =20 @@ -460,26 +465,34 @@ static int sign_single_file(struct cmd_opts *opts) =20 int main(int argc, char **argv) { + int i; struct cmd_opts opts =3D {}; =20 parse_args(argc, argv, &opts); argc -=3D optind; argv +=3D optind; =20 - if (!argv[0] || argc !=3D 1) - format(); - - if (opts.dest_name && strcmp(argv[0], opts.dest_name)) { - opts.replace_orig =3D false; - } else { - ERR(asprintf(&opts.dest_name, "%s.~signed~", opts.module_name) < 0, - "asprintf"); - opts.replace_orig =3D true; - } - OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); ERR_clear_error(); =20 - return sign_single_file(&opts); + for (i =3D 0; i < argc; ++i) { + opts.module_name =3D argv[i]; + + if (!opts.bulk_sign && opts.dest_name && strcmp(argv[i], opts.dest_name)= ) { + opts.replace_orig =3D false; + } else { + ERR(asprintf(&opts.dest_name, "%s.~signed~", opts.module_name) < 0, + "asprintf"); + if (!opts.replace_orig) + opts.replace_orig =3D true; + } + + if (sign_single_file(&opts)) { + fprintf(stderr, "Failed to sign: %s module\n", opts.module_name); + return -1; + } + } + + return 0; } --=20 2.39.2 From nobody Sun Feb 8 10:16:51 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CD26EC6FD1D for ; Tue, 21 Mar 2023 19:35:08 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230374AbjCUTfH (ORCPT ); Tue, 21 Mar 2023 15:35:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50370 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230304AbjCUTez (ORCPT ); Tue, 21 Mar 2023 15:34:55 -0400 Received: from mail-pg1-x536.google.com (mail-pg1-x536.google.com [IPv6:2607:f8b0:4864:20::536]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E1C8D57D17 for ; Tue, 21 Mar 2023 12:34:22 -0700 (PDT) Received: by mail-pg1-x536.google.com with SMTP id h31so9247669pgl.6 for ; Tue, 21 Mar 2023 12:34:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1679427231; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=yt1FiyCAq19UTY6Dgky638GY7WS05mpX7yYj+tKdXNE=; b=G4DGe8D49ZyzRrUhrQQPanlfHBcdpW5j9vA12O4p5GFkxEj8KfOPNduDd8eJDDmi4R /Y0CLxN44hQgnYW6d5krQNwnoMuICMjIL4YfI/VhQo7zUjkUoF7Xq7PwdgtSkp0ullne pNiy1gFBn4bJZ3T5Jzs54jqpYLJyeUIr/0HcCsdr6KNwTx++OlSa3kgg99Ziat8HpkdZ nzj163HyhmTE/B8FuXw83S5U7UQ7fXGIMeqXRy18MZkfzIjcp6eXAOLvJN40IYcT9aU9 9x7XYA+BMCrVGu0bFtpzJefsURaLx0LsbUYeXCwu9QMJC9ZPsvwuv3NnO1c9zpuFfxnT eenA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679427231; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=yt1FiyCAq19UTY6Dgky638GY7WS05mpX7yYj+tKdXNE=; b=hRMU1A0Va/f/cF3tGsO0pROp3W0oX5N70f/i4mF218WiBE8GK0I0b16/UMuH0kZkZa Zf3Ad1MCRRCF7YsPQB3sDQtkDwzXN/GJPKwfEgMjbfpbaA866FZC+CvvhZ2Q/ygr5trf LuLUnu966xv4tgxICs25uOBO5Yt+luTJw3oYO3QbAwxJ+v5kdaXGuvq/Shqf8zh8DvM9 9sVbHXsAeBMfJbDdtH0VDLGNu0HNLtEHizMISAczF+HOWfyt/0AVm2i8MW7HiHa1tdrS KBHN376g7A/pcqKrDGLwlxC9ymRH5D/oGfEsiGzMvA3CWO9298NEwNHRXch/on7f34rW PkUg== X-Gm-Message-State: AO0yUKXuLeFwdcF0FJWYJvMiz5kbC+gIf3LOx7zNep7lluGxSxsv1gOQ DaQlenQyKbwDvdBZms6/rsM= X-Google-Smtp-Source: AK7set97hMjW3d32KCMpBcN+FBysPgtZHd/LBwqEusd8tRW8cRVK+BxeW3s5Nhi9cycbhhpO2MPr1A== X-Received: by 2002:a62:38d0:0:b0:625:e192:1c7f with SMTP id f199-20020a6238d0000000b00625e1921c7fmr932785pfa.18.1679427231248; Tue, 21 Mar 2023 12:33:51 -0700 (PDT) Received: from f37.eng.vmware.com ([66.170.99.1]) by smtp.googlemail.com with ESMTPSA id k23-20020aa790d7000000b006247123adf1sm8843044pfk.143.2023.03.21.12.33.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Mar 2023 12:33:50 -0700 (PDT) From: Shreenidhi Shedi X-Google-Original-From: Shreenidhi Shedi To: gregkh@linuxfoundation.org, dhowells@redhat.com, dwmw2@infradead.org Cc: linux-kernel@vger.kernel.org, sshedi@vmware.com, yesshedi@gmail.com Subject: [PATCH v6 5/7] sign-file: improve help message Date: Wed, 22 Mar 2023 01:03:39 +0530 Message-Id: <20230321193341.87997-6-sshedi@vmware.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230321193341.87997-1-sshedi@vmware.com> References: <20230321193341.87997-1-sshedi@vmware.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Shreenidhi Shedi Add a proper help message with examples on how to use this tool. Signed-off-by: Shreenidhi Shedi --- scripts/sign-file.c | 48 ++++++++++++++++++++++++++++++++++++++------- 1 file changed, 41 insertions(+), 7 deletions(-) diff --git a/scripts/sign-file.c b/scripts/sign-file.c index 0a275256ca16..d3abc5721a7e 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -74,12 +74,43 @@ struct module_signature { static char magic_number[] =3D "~Module signature appended~\n"; =20 static __attribute__((noreturn)) -void format(void) +void print_usage(void) { - fprintf(stderr, - "Usage: scripts/sign-file [-dp] []\n"); - fprintf(stderr, - " scripts/sign-file -s []\n"); + fprintf(stderr, "Usage: scripts/sign-file [OPTIONS]... [MODULE]...\n"); + fprintf(stderr, "Available options:\n"); + fprintf(stderr, "-h, --help Print this help message and exit\= n"); + + fprintf(stderr, "\nOptional args:\n"); + fprintf(stderr, "-s, --rawsig Raw signature\n"); + fprintf(stderr, "-p, --savesig Save signature\n"); + fprintf(stderr, "-d, --signonly Sign only\n"); +#ifndef USE_PKCS7 + fprintf(stderr, "-k, --usekeyid Use key ID\n"); +#endif + fprintf(stderr, "-b, --bulksign Sign modules in bulk\n"); + fprintf(stderr, "-r, --replaceorig Replace original\n"); + fprintf(stderr, "-t, --dest Destination path "); + fprintf(stderr, "(Exclusive with bulk option)\n"); + + fprintf(stderr, "\nMandatory args:\n"); + fprintf(stderr, "-i, --privkey Private key\n"); + fprintf(stderr, "-a, --hashalgo Hash algorithm\n"); + fprintf(stderr, "-x, --x509 X509\n"); + + fprintf(stderr, "\nExamples:\n"); + + fprintf(stderr, "\n Regular signing:\n"); + fprintf(stderr, " scripts/sign-file -a sha512 -i certs/signing_key.pe= m "); + fprintf(stderr, "-x certs/signing_key.x509 \n"); + + fprintf(stderr, "\n Signing with destination path:\n"); + fprintf(stderr, " scripts/sign-file -a sha512 -i certs/signing_key.pe= m "); + fprintf(stderr, "-x certs/signing_key.x509 -t \n"); + + fprintf(stderr, "\n Signing modules in bulk:\n"); + fprintf(stderr, " scripts/sign-file -a sha512 -i certs/signing_key.pe= m "); + fprintf(stderr, "-x certs/signing_key.x509 -b ...\n"); + exit(2); } =20 @@ -281,7 +312,7 @@ static void parse_args(int argc, char **argv, struct cm= d_opts *opts) #endif =20 case 'h': - format(); + print_usage(); break; =20 case 'i': @@ -312,7 +343,7 @@ static void parse_args(int argc, char **argv, struct cm= d_opts *opts) break; =20 default: - format(); + print_usage(); break; } } while (opt !=3D -1); @@ -472,6 +503,9 @@ int main(int argc, char **argv) argc -=3D optind; argv +=3D optind; =20 + if ((opts.bulk_sign && opts.dest_name) || (!opts.bulk_sign && argc !=3D 1= )) + print_usage(); + OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); ERR_clear_error(); --=20 2.39.2 From nobody Sun Feb 8 10:16:51 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D3AA9C76195 for ; Tue, 21 Mar 2023 19:35:15 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229819AbjCUTfO (ORCPT ); Tue, 21 Mar 2023 15:35:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50702 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230308AbjCUTez (ORCPT ); Tue, 21 Mar 2023 15:34:55 -0400 Received: from mail-pg1-x533.google.com (mail-pg1-x533.google.com [IPv6:2607:f8b0:4864:20::533]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A583A4FF2C for ; Tue, 21 Mar 2023 12:34:23 -0700 (PDT) Received: by mail-pg1-x533.google.com with SMTP id bn14so1794409pgb.11 for ; Tue, 21 Mar 2023 12:34:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1679427232; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=4AANWMLFPRmqhsaZtqr8wdmw+KFHZMOER6tyEOUd1jY=; b=BwuMojxwrYqAFQterytV0n+RM88osD26Ot+yVGJW4oVuyU7P5Ia+32TPE3TQ4xe2P4 fzICA8yNvs3AAnTn9WehPU+vl9xIM8RMRxSlGzV2O6ivAvuad/cKYlR04nu/+NoUQIzk 91zilV8eNPrh6E6LjPEbh6RC2tIXsL8xzsUFx+jHhGNbz6z2et/5kUvhG4fT0Z2sfBSg rpD6gHm7+ZA0c6tSROeMfrRs39OS1ljzdbSwA0q1b5s16xb7lJEUFF1KgG4Tp4D9ush5 k6Bf3Rz7JQDZkYmlcizT6A7O+5J8+JqxX69/6hL9wA3IZycxDdELGFP6+vVkachhah5Y oRGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679427232; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=4AANWMLFPRmqhsaZtqr8wdmw+KFHZMOER6tyEOUd1jY=; b=ewf4JVrW9YPsuEh5le2rXVMVyrxmhXuT9mg76NjR845BQM9jYJUKdSkqXUcAYBHgSQ aqUTVMjy6b9vxs8SoaatG7YauKIwFeQFYHNhP5vjbAc2tPP8DcO7r9aFcB04cpdjZXO4 R2l867gC8Zeu+0/EFqut1w0EjpZQ87tEGadOJwg1k7pHDYmL7p+NXOSeg8T1NPVkXTm7 +Vhh2CjHthi1XqB91y/Keid2Y/QEpM40lvvtP6aw/DiWuAfkDPv1JVk7BLTXa0tb67Sb tPbHX7mehHT7/j4CFoFrMdeSMBNhcoenyEMh9Zp1jICx/XDu2wckiHL6NWFXNpuzUuaH pdWQ== X-Gm-Message-State: AO0yUKWOOIUviVwij3B0ri1GK3uHxWdK4srhS/0MalQCuyJf9zL27+tF 8gZ59CIkhlBspx2hr/48hek= X-Google-Smtp-Source: AK7set9RXxBO1t5rxnn03oPkEDUp9bqa/iXCFRosc2odnBEaopFz8gT18I6/NOs3EfQ6fY6LHWk5mQ== X-Received: by 2002:a62:6245:0:b0:627:e342:7f0e with SMTP id w66-20020a626245000000b00627e3427f0emr734685pfb.30.1679427232441; Tue, 21 Mar 2023 12:33:52 -0700 (PDT) Received: from f37.eng.vmware.com ([66.170.99.1]) by smtp.googlemail.com with ESMTPSA id k23-20020aa790d7000000b006247123adf1sm8843044pfk.143.2023.03.21.12.33.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Mar 2023 12:33:52 -0700 (PDT) From: Shreenidhi Shedi X-Google-Original-From: Shreenidhi Shedi To: gregkh@linuxfoundation.org, dhowells@redhat.com, dwmw2@infradead.org Cc: linux-kernel@vger.kernel.org, sshedi@vmware.com, yesshedi@gmail.com Subject: [PATCH v6 6/7] sign-file: use const with a global string constant Date: Wed, 22 Mar 2023 01:03:40 +0530 Message-Id: <20230321193341.87997-7-sshedi@vmware.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230321193341.87997-1-sshedi@vmware.com> References: <20230321193341.87997-1-sshedi@vmware.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Shreenidhi Shedi Reported by checkpatch. Signed-off-by: Shreenidhi Shedi --- scripts/sign-file.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/sign-file.c b/scripts/sign-file.c index d3abc5721a7e..e8dfbdd3eea3 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -71,7 +71,7 @@ struct module_signature { =20 #define PKEY_ID_PKCS7 2 =20 -static char magic_number[] =3D "~Module signature appended~\n"; +static const char magic_number[] =3D "~Module signature appended~\n"; =20 static __attribute__((noreturn)) void print_usage(void) --=20 2.39.2 From nobody Sun Feb 8 10:16:51 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3FA3DC6FD1D for ; Tue, 21 Mar 2023 19:35:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230411AbjCUTfR (ORCPT ); Tue, 21 Mar 2023 15:35:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50816 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230325AbjCUTe4 (ORCPT ); Tue, 21 Mar 2023 15:34:56 -0400 Received: from mail-pj1-x102a.google.com (mail-pj1-x102a.google.com [IPv6:2607:f8b0:4864:20::102a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8205B570AE for ; Tue, 21 Mar 2023 12:34:25 -0700 (PDT) Received: by mail-pj1-x102a.google.com with SMTP id h12-20020a17090aea8c00b0023d1311fab3so16986604pjz.1 for ; Tue, 21 Mar 2023 12:34:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1679427233; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=orHz49MEtEREu43pkNm/tKqUuGAbP6UFRUzWf1lMbKM=; b=Iu7lFuzYgxMBD2is5xuyIPdQFrTrSGgbg+1D0Fc9vavmcTU2AgpwtPsecJb3S9pkHk KKjXKnvgEgALI8WVKQDM+fdpBWZzhrrFhjZWbqcuTDgFuLuGlbZjbEqFg8lJWOszxTaU BfnUVKt6kumqRz8xNLLCYhkDJtpAxBCZ+tqqsUjaEDLAGjYic36hbFBwd7B+Ifu+f66h 7G3lplMwVw898GhVpPudgEPdXduilp5Zrh2KcMjezDNwow2DbeyddRVO1MmcFIHRxU41 8dU64iy5DzLNoSD7SJlQjy7W76pLJLDPAhSiYsaezal1KY8AFTMP1h7ZKlxPW3fbP/9Q PUvg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679427233; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=orHz49MEtEREu43pkNm/tKqUuGAbP6UFRUzWf1lMbKM=; b=LcoO6hCMUDyv3HWLUAr0z51zVkT7M1S5eSHvpbst0uwTnHJP/mKJ8l8Xpiu8hnyAcq Qxvn3M7nQfq45Buo9XhO/r32Z5Q2QeWkf0MvaRQDaUBzfu+/YbUuvegL9vy4JEOAFCSW 5W1GIDlBl1EIBAYpU7yamlvSJ/wMou1YxyfEPKP/w127v5HWONxoldcqgj67ZAEPgtqX oaOoXrpZC+5k3c10baQwJFPOCcP8RrY5jXtEc1I5NSaUq19SEybpTi3Us4g3lS/XC5Ph CuD6BRliEttxcOJTmh/3FA0OlVFK85j7n+K9lR4/8z/Pp6ts0YNf77z4nuk3T2nbl3qN PMnw== X-Gm-Message-State: AO0yUKVh9TDBw77kgO5uSE50S0CL9lerqIkWlV5w/l+DSMyTeJlGTQeQ c5NbNHCNOQUklXt+3IoulVc0EZKFKDgVLA== X-Google-Smtp-Source: AK7set+EWZ8xOyhR6UvvpHkCf9PTFuddYXAucaUStZQVzs1Zzn8sniZj5wRrZdTOp9J5f9yPbpJJHg== X-Received: by 2002:a05:6a20:c87:b0:d6:7d3a:c6e with SMTP id dt7-20020a056a200c8700b000d67d3a0c6emr3265804pzb.44.1679427233676; Tue, 21 Mar 2023 12:33:53 -0700 (PDT) Received: from f37.eng.vmware.com ([66.170.99.1]) by smtp.googlemail.com with ESMTPSA id k23-20020aa790d7000000b006247123adf1sm8843044pfk.143.2023.03.21.12.33.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Mar 2023 12:33:53 -0700 (PDT) From: Shreenidhi Shedi X-Google-Original-From: Shreenidhi Shedi To: gregkh@linuxfoundation.org, dhowells@redhat.com, dwmw2@infradead.org Cc: linux-kernel@vger.kernel.org, sshedi@vmware.com, yesshedi@gmail.com Subject: [PATCH v6 7/7] sign-file: fix do while styling issue Date: Wed, 22 Mar 2023 01:03:41 +0530 Message-Id: <20230321193341.87997-8-sshedi@vmware.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230321193341.87997-1-sshedi@vmware.com> References: <20230321193341.87997-1-sshedi@vmware.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Shreenidhi Shedi Reported by checkpatch. Signed-off-by: Shreenidhi Shedi --- scripts/sign-file.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/sign-file.c b/scripts/sign-file.c index e8dfbdd3eea3..0c95275c4564 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -147,7 +147,7 @@ static void drain_openssl_errors(void) if (__cond) { \ errx(1, fmt, ## __VA_ARGS__); \ } \ - } while(0) + } while (0) =20 static const char *key_pass; =20 --=20 2.39.2