From: Shreenidhi Shedi
To: dhowells@redhat.com, dwmw2@infradead.org, gregkh@linuxfoundation.org, masahiroy@kernel.org, nathan@kernel.org, ndesaulniers@google.com, nicolas@fjasle.eu
Cc: yesshedi@gmail.com, linux-kernel@vger.kernel.org, sshedi@vmware.com
Subject: [PATCH v7 1/8] sign-file: use getopt_long_only for parsing input args
Date: Fri, 23 Jun 2023 20:23:51 +0530
Message-ID: <20230623145358.568971-2-yesshedi@gmail.com>
In-Reply-To: <20230623145358.568971-1-yesshedi@gmail.com>
References: <20230623145358.568971-1-yesshedi@gmail.com>

- getopt_long_only gives an option to use long names for options, so using it here to make the app usage easier.
- Use more easy to remember command line argument names
- Introduce cmd_opts structure to ease the handling of command line args

Signed-off-by: Shreenidhi Shedi --- scripts/sign-file.c | 97 ++++++++++++++++++++++++++++++++++++--------- 1 file changed, 78 insertions(+), 19 deletions(-) diff --git a/scripts/sign-file.c b/scripts/sign-file.c index 598ef5465f82..94228865b6cc 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -213,15 +213,77 @@ static X509 *read_x509(const char *x509_name) return x509; } =20 +struct cmd_opts { + char *raw_sig_name; + bool save_sig; + bool replace_orig; + bool raw_sig; + bool sign_only; +#ifndef USE_PKCS7 + unsigned int use_keyid; +#endif +}; + +static void parse_args(int argc, char **argv, struct cmd_opts *opts) +{ + struct option cmd_options[] =3D { + {"rawsig", required_argument, 0, 's'}, + {"savesig", no_argument, 0, 'p'}, + {"signonly", no_argument, 0, 'd'}, +#ifndef USE_PKCS7 + {"usekeyid", no_argument, 0, 'k'}, +#endif + {0, 0, 0, 0} + }; + + int opt; + int opt_index =3D 0; + + do { +#ifndef USE_PKCS7 + opt =3D getopt_long_only(argc, argv, "pds:", + cmd_options, &opt_index); +#else + opt =3D getopt_long_only(argc, argv, "pdks:", + cmd_options, &opt_index); +#endif + switch (opt) { + case 's': + opts->raw_sig =3D true; + opts->raw_sig_name =3D optarg; + break; + + case 'p': + opts->save_sig =3D true; + break; + + case 'd': + opts->sign_only =3D true; + opts->save_sig =3D true; + break; + +#ifndef USE_PKCS7 + case 'k': + opts->use_keyid =3D CMS_USE_KEYID; + break; +#endif + + case -1: + break; + + default: + format(); + break; + } + } while (opt !=3D -1); +} + int main(int argc, char **argv) { struct module_signature sig_info =3D { .id_type =3D PKEY_ID_PKCS7 }; char *hash_algo =3D NULL; - char *private_key_name =3D NULL, *raw_sig_name =3D NULL; + char *private_key_name =3D NULL; char *x509_name, *module_name, *dest_name; - bool save_sig =3D false, replace_orig; - bool sign_only =3D false; - bool raw_sig =3D false; unsigned char buf[4096]; unsigned long module_size, sig_size; unsigned int use_signed_attrs; 
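Review bot: The two optstrings in parse_args() look swapped. "pds:" sits under #ifndef USE_PKCS7, the same condition that compiles in case 'k' and the "usekeyid" long option, while "pdks:" sits under #else, where there is no case 'k' and -k falls through to default and format(). Swap the strings so that 'k' is accepted only in the build that handles it. Separately, 's' changes from a plain flag (the old getopt string is "sdpk") to "s:" with required_argument, which alters the existing command line and should be called out in the commit message.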
@@ -229,13 +291,14 @@ int main(int argc, char **argv) EVP_PKEY *private_key; #ifndef USE_PKCS7 CMS_ContentInfo *cms =3D NULL; - unsigned int use_keyid =3D 0; #else PKCS7 *pkcs7 =3D NULL; #endif X509 *x509; BIO *bd, *bm; - int opt, n; + int n; + struct cmd_opts opts =3D {}; + OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); ERR_clear_error(); 
@@ -247,23 +310,19 @@ int main(int argc, char **argv) #else use_signed_attrs =3D PKCS7_NOATTR; #endif + parse_args(argc, argv, &opts); + argc -=3D optind; + argv +=3D optind; =20 - do { - opt =3D getopt(argc, argv, "sdpk"); - switch (opt) { - case 's': raw_sig =3D true; break; - case 'p': save_sig =3D true; break; - case 'd': sign_only =3D true; save_sig =3D true; break; + const char *raw_sig_name =3D opts.raw_sig_name; + const bool save_sig =3D opts.save_sig; + const bool raw_sig =3D opts.raw_sig; + const bool sign_only =3D opts.sign_only; + bool replace_orig =3D opts.replace_orig; #ifndef USE_PKCS7 - case 'k': use_keyid =3D CMS_USE_KEYID; break; + const unsigned int use_keyid =3D opts.use_keyid; #endif - case -1: break; - default: format(); - } - } while (opt !=3D -1); =20 - argc -=3D optind; - argv +=3D optind; if (argc < 4 || argc > 5) format(); =20 --=20 2.41.0
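Review bot: The unchanged check "if (argc < 4 || argc > 5)" at the end of this hunk still counts positionals as before, although "s:" in parse_args() now consumes the raw signature file as the option's argument, so a -s invocation reaches the check with one positional fewer than the old form and ends in format(). Either adjust the check in this patch or keep -s a plain flag until the positionals are converted, so that every patch in the series leaves a working tool. Also, opts.replace_orig is copied here but nothing in parse_args() sets it yet, so the copy is always false; and the new declarations follow statements, which mixes declarations and code in main().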
From: Shreenidhi Shedi
To: dhowells@redhat.com, dwmw2@infradead.org, gregkh@linuxfoundation.org, masahiroy@kernel.org, nathan@kernel.org, ndesaulniers@google.com, nicolas@fjasle.eu
Cc: yesshedi@gmail.com, linux-kernel@vger.kernel.org, sshedi@vmware.com
Subject: [PATCH v7 2/8] sign-file: introduce few new flags to make argument processing easy.
Date: Fri, 23 Jun 2023 20:23:52 +0530
Message-ID: <20230623145358.568971-3-yesshedi@gmail.com>
In-Reply-To: <20230623145358.568971-1-yesshedi@gmail.com>
References: <20230623145358.568971-1-yesshedi@gmail.com>

- Add some more options like help, x509, hashalgo to command line args
- This makes it easy to handle and use command line args wherever needed

Signed-off-by: Shreenidhi Shedi --- scripts/sign-file.c | 63 ++++++++++++++++++++++++++++++++------------- 1 file changed, 45 insertions(+), 18 deletions(-) diff --git a/scripts/sign-file.c b/scripts/sign-file.c index 94228865b6cc..b0f340ea629b 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -215,6 +215,11 @@ static X509 *read_x509(const char *x509_name) =20 struct cmd_opts { char *raw_sig_name; + char *hash_algo; + char *dest_name; + char *private_key_name; + char *x509_name; + char *module_name; bool save_sig; bool replace_orig; bool raw_sig; @@ -233,6 +238,12 @@ static void parse_args(int argc, char **argv, struct c= md_opts *opts) #ifndef USE_PKCS7 {"usekeyid", no_argument, 0, 'k'}, #endif + {"help", no_argument, 0, 'h'}, + {"privkey", required_argument, 0, 'i'}, + {"hashalgo", required_argument, 0, 'a'}, + {"x509", required_argument, 0, 'x'}, + {"dest", required_argument, 0, 'd'}, + {"replaceorig", required_argument, 0, 'r'}, {0, 0, 0, 0} }; =20
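Review bot: In the cmd_options additions, {"dest", required_argument, 0, 'd'} returns 'd', which is the sign-only case (it sets sign_only and save_sig), so --dest never reaches the new case 't' that stores dest_name; the entry should return 't'. {"replaceorig", required_argument, 0, 'r'} demands an argument that case 'r' never reads, since that case only sets replace_orig to true; no_argument here, and "r" without the colon in the optstring, would match the handler.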
@@ -241,10 +252,10 @@ static void parse_args(int argc, char **argv, struct = cmd_opts *opts) =20 do { #ifndef USE_PKCS7 - opt =3D getopt_long_only(argc, argv, "pds:", + opt =3D getopt_long_only(argc, argv, "hpds:i:a:x:t:r:", cmd_options, &opt_index); #else - opt =3D getopt_long_only(argc, argv, "pdks:", + opt =3D getopt_long_only(argc, argv, "hpdks:i:a:x:t:r:", cmd_options, &opt_index); #endif switch (opt) { @@ -268,6 +279,30 @@ static void parse_args(int argc, char **argv, struct c= md_opts *opts) break; #endif =20 + case 'h': + format(); + break; + + case 'i': + opts->private_key_name =3D optarg; + break; + + case 'a': + opts->hash_algo =3D optarg; + break; + + case 'x': + opts->x509_name =3D optarg; + break; + + case 't': + opts->dest_name =3D optarg; + break; + + case 'r': + opts->replace_orig =3D true; + break; + case -1: break; =20 @@ -281,9 +316,6 @@ static void parse_args(int argc, char **argv, struct cm= d_opts *opts) int main(int argc, char **argv) { struct module_signature sig_info =3D { .id_type =3D PKEY_ID_PKCS7 }; - char *hash_algo =3D NULL; - char *private_key_name =3D NULL; - char *x509_name, *module_name, *dest_name; unsigned char buf[4096]; unsigned long module_size, sig_size; unsigned int use_signed_attrs; 
@@ -315,32 +347,27 @@ int main(int argc, char **argv) argv +=3D optind; =20 const char *raw_sig_name =3D opts.raw_sig_name; + const char *hash_algo =3D opts.hash_algo; + const char *private_key_name =3D opts.private_key_name; + const char *x509_name =3D opts.x509_name; + const char *module_name =3D opts.module_name; const bool save_sig =3D opts.save_sig; const bool raw_sig =3D opts.raw_sig; const bool sign_only =3D opts.sign_only; bool replace_orig =3D opts.replace_orig; + char *dest_name =3D opts.dest_name; #ifndef USE_PKCS7 const unsigned int use_keyid =3D opts.use_keyid; #endif =20 - if (argc < 4 || argc > 5) + if (!argv[0] || argc !=3D 1) format(); =20 - if (raw_sig) { - raw_sig_name =3D argv[0]; - hash_algo =3D argv[1]; - } else { - hash_algo =3D argv[0]; - private_key_name =3D argv[1]; - } - x509_name =3D argv[2]; - module_name =3D argv[3]; - if (argc =3D=3D 5 && strcmp(argv[3], argv[4]) !=3D 0) { - dest_name =3D argv[4]; + if (dest_name && strcmp(argv[0], dest_name)) { replace_orig =3D false; } else { ERR(asprintf(&dest_name, "%s.~signed~", module_name) < 0, - "asprintf"); + "asprintf"); replace_orig =3D true; } =20 --=20 2.41.0
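Review bot: module_name is initialised from opts.module_name, but no case in parse_args() assigns that field and the positional argv[0] is never stored, so the asprintf() call in the else branch formats a NULL pointer into "%s.~signed~". Assign opts.module_name from argv[0] right after the argc check. The values behind -i, -a and -x are likewise used without a NULL check now that they are options rather than positionals; call format() when any of them is missing.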
From: Shreenidhi Shedi
To: dhowells@redhat.com, dwmw2@infradead.org, gregkh@linuxfoundation.org, masahiroy@kernel.org, nathan@kernel.org, ndesaulniers@google.com, nicolas@fjasle.eu
Cc: yesshedi@gmail.com, linux-kernel@vger.kernel.org, sshedi@vmware.com
Subject: [PATCH v7 3/8] sign-file: move file signing logic to its own function
Date: Fri, 23 Jun 2023 20:23:53 +0530
Message-ID: <20230623145358.568971-4-yesshedi@gmail.com>
In-Reply-To: <20230623145358.568971-1-yesshedi@gmail.com>
References: <20230623145358.568971-1-yesshedi@gmail.com>

Keep the main function bare minimal and do less in main function. This patch is pre-work for bulk module signing support.

Signed-off-by: Shreenidhi Shedi --- scripts/sign-file.c | 115 +++++++++++++++++++++----------------------- 1 file changed, 54 insertions(+), 61 deletions(-) diff --git a/scripts/sign-file.c b/scripts/sign-file.c index b0f340ea629b..64d5e00f08e2 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -313,10 +313,10 @@ static void parse_args(int argc, char **argv, struct = cmd_opts *opts) } while (opt !=3D -1); } =20 -int main(int argc, char **argv) +static int sign_single_file(struct cmd_opts *opts) { struct module_signature sig_info =3D { .id_type =3D PKEY_ID_PKCS7 }; - unsigned char buf[4096]; + unsigned char buf[4096] =3D {}; unsigned long module_size, sig_size; unsigned int use_signed_attrs; const EVP_MD *digest_algo;
@@ -329,11 +329,6 @@ int main(int argc, char **argv) X509 *x509; BIO *bd, *bm; int n; - struct cmd_opts opts =3D {}; - - OpenSSL_add_all_algorithms(); - ERR_load_crypto_strings(); - ERR_clear_error(); =20 key_pass =3D getenv("KBUILD_SIGN_PIN"); =20 @@ -342,34 +337,6 @@ int main(int argc, char **argv) #else use_signed_attrs =3D PKCS7_NOATTR; #endif - parse_args(argc, argv, &opts); - argc -=3D optind; - argv +=3D optind; - - const char *raw_sig_name =3D opts.raw_sig_name; - const char *hash_algo =3D opts.hash_algo; - const char *private_key_name =3D opts.private_key_name; - const char *x509_name =3D opts.x509_name; - const char *module_name =3D opts.module_name; - const bool save_sig =3D opts.save_sig; - const bool raw_sig =3D opts.raw_sig; - const bool sign_only =3D opts.sign_only; - bool replace_orig =3D opts.replace_orig; - char *dest_name =3D opts.dest_name; -#ifndef USE_PKCS7 - const unsigned int use_keyid =3D opts.use_keyid; -#endif - - if (!argv[0] || argc !=3D 1) - format(); - - if (dest_name && strcmp(argv[0], dest_name)) { - replace_orig =3D false; - } else { - ERR(asprintf(&dest_name, "%s.~signed~", module_name) < 0, - "asprintf"); - replace_orig =3D true; - } =20 #ifdef USE_PKCS7 if (strcmp(hash_algo, "sha1") !=3D 0) { 
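Review bot: The context line under #ifdef USE_PKCS7 at the end of this hunk still calls strcmp(hash_algo, "sha1") on the bare name hash_algo, while the hunk removes the local "const char *hash_algo" together with the other copies of opts fields, so sign_single_file() no longer declares it. Change that line to opts->hash_algo so the USE_PKCS7 build keeps compiling, and build-test both configurations.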
@@ -380,20 +347,20 @@ int main(int argc, char **argv) #endif =20 /* Open the module file */ - bm =3D BIO_new_file(module_name, "rb"); - ERR(!bm, "%s", module_name); + bm =3D BIO_new_file(opts->module_name, "rb"); + ERR(!bm, "%s", opts->module_name); =20 - if (!raw_sig) { + if (!opts->raw_sig) { /* Read the private key and the X.509 cert the PKCS#7 message * will point to. */ - private_key =3D read_private_key(private_key_name); - x509 =3D read_x509(x509_name); + private_key =3D read_private_key(opts->private_key_name); + x509 =3D read_x509(opts->x509_name); =20 /* Digest the module data. */ OpenSSL_add_all_digests(); display_openssl_errors(__LINE__); - digest_algo =3D EVP_get_digestbyname(hash_algo); + digest_algo =3D EVP_get_digestbyname(opts->hash_algo); ERR(!digest_algo, "EVP_get_digestbyname"); =20 #ifndef USE_PKCS7 @@ -405,7 +372,7 @@ int main(int argc, char **argv) =20 ERR(!CMS_add1_signer(cms, x509, private_key, digest_algo, CMS_NOCERTS | CMS_BINARY | - CMS_NOSMIMECAP | use_keyid | + CMS_NOSMIMECAP | opts->use_keyid | use_signed_attrs), "CMS_add1_signer"); ERR(CMS_final(cms, bm, NULL, CMS_NOCERTS | CMS_BINARY) < 0, @@ -418,11 +385,11 @@ int main(int argc, char **argv) ERR(!pkcs7, "PKCS7_sign"); #endif =20 - if (save_sig) { + if (opts->save_sig) { char *sig_file_name; BIO *b; =20 - ERR(asprintf(&sig_file_name, "%s.p7s", module_name) < 0, + ERR(asprintf(&sig_file_name, "%s.p7s", opts->module_name) < 0, "asprintf"); b =3D BIO_new_file(sig_file_name, "wb"); ERR(!b, "%s", sig_file_name); @@ -436,7 +403,7 @@ int main(int argc, char **argv) BIO_free(b); } =20 - if (sign_only) { + if (opts->sign_only) { BIO_free(bm); return 0; } 
@@ -445,24 +412,24 @@ int main(int argc, char **argv) /* Open the destination file now so that we can shovel the module data * across as we read it. */ - bd =3D BIO_new_file(dest_name, "wb"); - ERR(!bd, "%s", dest_name); + bd =3D BIO_new_file(opts->dest_name, "wb"); + ERR(!bd, "%s", opts->dest_name); =20 /* Append the marker and the PKCS#7 message to the destination file */ - ERR(BIO_reset(bm) < 0, "%s", module_name); + ERR(BIO_reset(bm) < 0, "%s", opts->module_name); while ((n =3D BIO_read(bm, buf, sizeof(buf))), n > 0) { - ERR(BIO_write(bd, buf, n) < 0, "%s", dest_name); + ERR(BIO_write(bd, buf, n) < 0, "%s", opts->dest_name); } BIO_free(bm); - ERR(n < 0, "%s", module_name); + ERR(n < 0, "%s", opts->module_name); module_size =3D BIO_number_written(bd); =20 - if (!raw_sig) { + if (!opts->raw_sig) { #ifndef USE_PKCS7 - ERR(i2d_CMS_bio_stream(bd, cms, NULL, 0) < 0, "%s", dest_name); + ERR(i2d_CMS_bio_stream(bd, cms, NULL, 0) < 0, "%s", opts->dest_name); #else - ERR(i2d_PKCS7_bio(bd, pkcs7) < 0, "%s", dest_name); + ERR(i2d_PKCS7_bio(bd, pkcs7) < 0, "%s", opts->dest_name); #endif } else { BIO *b; 
@@ -470,23 +437,49 @@ int main(int argc, char **argv) /* Read the raw signature file and write the data to the * destination file */ - b =3D BIO_new_file(raw_sig_name, "rb"); - ERR(!b, "%s", raw_sig_name); + b =3D BIO_new_file(opts->raw_sig_name, "rb"); + ERR(!b, "%s", opts->raw_sig_name); while ((n =3D BIO_read(b, buf, sizeof(buf))), n > 0) - ERR(BIO_write(bd, buf, n) < 0, "%s", dest_name); + ERR(BIO_write(bd, buf, n) < 0, "%s", opts->dest_name); BIO_free(b); } =20 sig_size =3D BIO_number_written(bd) - module_size; sig_info.sig_len =3D htonl(sig_size); - ERR(BIO_write(bd, &sig_info, sizeof(sig_info)) < 0, "%s", dest_name); - ERR(BIO_write(bd, magic_number, sizeof(magic_number) - 1) < 0, "%s", dest= _name); + ERR(BIO_write(bd, &sig_info, sizeof(sig_info)) < 0, "%s", opts->dest_name= ); + ERR(BIO_write(bd, magic_number, sizeof(magic_number) - 1) < 0, "%s", opts= ->dest_name); =20 - ERR(BIO_free(bd) < 0, "%s", dest_name); + ERR(BIO_free(bd) < 0, "%s", opts->dest_name); =20 /* Finally, if we're signing in place, replace the original. 
*/ - if (replace_orig) - ERR(rename(dest_name, module_name) < 0, "%s", dest_name); + if (opts->replace_orig) + ERR(rename(opts->dest_name, opts->module_name) < 0, "%s", opts->dest_nam= e); =20 return 0; } + +int main(int argc, char **argv) +{ + struct cmd_opts opts =3D {}; + + parse_args(argc, argv, &opts); + argc -=3D optind; + argv +=3D optind; + + if (!argv[0] || argc !=3D 1) + format(); + + if (opts.dest_name && strcmp(argv[0], opts.dest_name)) { + opts.replace_orig =3D false; + } else { + ERR(asprintf(&opts.dest_name, "%s.~signed~", opts.module_name) < 0, + "asprintf"); + opts.replace_orig =3D true; + } + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + ERR_clear_error(); + + return sign_single_file(&opts); +} --=20 2.41.0
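Review bot: The new main() still never assigns opts.module_name before it is used, first in asprintf(&opts.dest_name, "%s.~signed~", opts.module_name) and then in sign_single_file(), which opens it with BIO_new_file(opts->module_name, "rb"). Set opts.module_name from argv[0] directly after the argc check; as posted, this intermediate patch cannot sign a module. It is also worth a comment that sign_single_file() takes a non-const opts and that main() owns the dest_name allocated by asprintf(), since nothing frees it.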
From: Shreenidhi Shedi
To: dhowells@redhat.com, dwmw2@infradead.org, gregkh@linuxfoundation.org, masahiroy@kernel.org, nathan@kernel.org, ndesaulniers@google.com, nicolas@fjasle.eu
Cc: yesshedi@gmail.com, linux-kernel@vger.kernel.org, sshedi@vmware.com
Subject: [PATCH v7 4/8] sign-file: add support to sign modules in bulk
Date: Fri, 23 Jun 2023 20:23:54 +0530
Message-ID: <20230623145358.568971-5-yesshedi@gmail.com>
In-Reply-To: <20230623145358.568971-1-yesshedi@gmail.com>
References: <20230623145358.568971-1-yesshedi@gmail.com>

In the existing system, we need to invoke sign-file binary for every module we want to sign. This patch adds support to give modules list in bulk and it will sign them all one by one.

Signed-off-by: Shreenidhi Shedi --- scripts/sign-file.c | 41 +++++++++++++++++++++++++++-------------- 1 file changed, 27 insertions(+), 14 deletions(-) diff --git a/scripts/sign-file.c b/scripts/sign-file.c index 64d5e00f08e2..0a275256ca16 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -224,6 +224,7 @@ struct cmd_opts { bool replace_orig; bool raw_sig; bool sign_only; + bool bulk_sign; #ifndef USE_PKCS7 unsigned int use_keyid; #endif @@ -252,10 +253,10 @@ static void parse_args(int argc, char **argv, struct = cmd_opts *opts) =20 do { #ifndef USE_PKCS7 - opt =3D getopt_long_only(argc, argv, "hpds:i:a:x:t:r:", + opt =3D getopt_long_only(argc, argv, "hpdbs:i:a:x:t:r:", cmd_options, &opt_index); #else - opt =3D getopt_long_only(argc, argv, "hpdks:i:a:x:t:r:", + opt =3D getopt_long_only(argc, argv, "hpdkbs:i:a:x:t:r:", cmd_options, &opt_index); #endif switch (opt) {
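Review bot: 'b' is added to both optstrings, but this patch adds no matching entry to the cmd_options table, so only the short form -b is recognised. Add a long entry with no_argument that returns 'b' alongside the others. The 'k' placement is also still inverted: "hpdbs:..." without 'k' is under #ifndef USE_PKCS7, where case 'k' exists, and "hpdkbs:..." with 'k' is under #else.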
@@ -303,6 +304,10 @@ static void parse_args(int argc, char **argv, struct c= md_opts *opts) opts->replace_orig =3D true; break; =20 + case 'b': + opts->bulk_sign =3D true; + break; + case -1: break; =20 
@@ -460,26 +465,34 @@ static int sign_single_file(struct cmd_opts *opts) =20 int main(int argc, char **argv) { + int i; struct cmd_opts opts =3D {}; =20 parse_args(argc, argv, &opts); argc -=3D optind; argv +=3D optind; =20 - if (!argv[0] || argc !=3D 1) - format(); - - if (opts.dest_name && strcmp(argv[0], opts.dest_name)) { - opts.replace_orig =3D false; - } else { - ERR(asprintf(&opts.dest_name, "%s.~signed~", opts.module_name) < 0, - "asprintf"); - opts.replace_orig =3D true; - } - OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); ERR_clear_error(); =20 - return sign_single_file(&opts); + for (i =3D 0; i < argc; ++i) { + opts.module_name =3D argv[i]; + + if (!opts.bulk_sign && opts.dest_name && strcmp(argv[i], opts.dest_name)= ) { + opts.replace_orig =3D false; + } else { + ERR(asprintf(&opts.dest_name, "%s.~signed~", opts.module_name) < 0, + "asprintf"); + if (!opts.replace_orig) + opts.replace_orig =3D true; + } + + if (sign_single_file(&opts)) { + fprintf(stderr, "Failed to sign: %s module\n", opts.module_name); + return -1; + } + } + + return 0; } --=20 2.41.0
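Review bot: The loop in main() reuses opts.dest_name across iterations. When -b is not given and more than one module is passed, the first pass fills dest_name through asprintf(), so on the second pass the test "!opts.bulk_sign && opts.dest_name && strcmp(...)" is true and the second module is written to the first module's ".~signed~" path with replace_orig set to false, leaving the second module unsigned in place. Each asprintf() also overwrites the previous pointer without free(). Keep the user's -t value separate from a per-module destination, free the latter on every pass, and reject -t combined with -b or with several modules. The removed "!argv[0] || argc != 1" check has no replacement, so an invocation with no module now returns 0 without signing anything, which a build script would read as success.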
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 23 Jun 2023 07:54:14 -0700 (PDT) From: Shreenidhi Shedi To: dhowells@redhat.com, dwmw2@infradead.org, gregkh@linuxfoundation.org, masahiroy@kernel.org, nathan@kernel.org, ndesaulniers@google.com, nicolas@fjasle.eu Cc: yesshedi@gmail.com, linux-kernel@vger.kernel.org, sshedi@vmware.com Subject: [PATCH v7 5/8] sign-file: improve help message Date: Fri, 23 Jun 2023 20:23:55 +0530 Message-ID: <20230623145358.568971-6-yesshedi@gmail.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230623145358.568971-1-yesshedi@gmail.com> References: <20230623145358.568971-1-yesshedi@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Add a proper help message with examples on how to use this tool. Signed-off-by: Shreenidhi Shedi --- scripts/sign-file.c | 48 ++++++++++++++++++++++++++++++++++++++------- 1 file changed, 41 insertions(+), 7 deletions(-) diff --git a/scripts/sign-file.c b/scripts/sign-file.c index 0a275256ca16..d3abc5721a7e 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c 
@@ -74,12 +74,43 @@ struct module_signature { static char magic_number[] =3D "~Module signature appended~\n"; =20 static __attribute__((noreturn)) -void format(void) +void print_usage(void) { - fprintf(stderr, - "Usage: scripts/sign-file [-dp] []\n"); - fprintf(stderr, - " scripts/sign-file -s []\n"); + fprintf(stderr, "Usage: scripts/sign-file [OPTIONS]... [MODULE]...\n"); + fprintf(stderr, "Available options:\n"); + fprintf(stderr, "-h, --help Print this help message and exit\= n"); + + fprintf(stderr, "\nOptional args:\n"); + fprintf(stderr, "-s, --rawsig Raw signature\n"); + fprintf(stderr, "-p, --savesig Save signature\n"); + fprintf(stderr, "-d, --signonly Sign only\n"); +#ifndef USE_PKCS7 + fprintf(stderr, "-k, --usekeyid Use key ID\n"); +#endif + fprintf(stderr, "-b, --bulksign Sign modules in bulk\n"); + fprintf(stderr, "-r, --replaceorig Replace original\n"); + fprintf(stderr, "-t, --dest Destination path "); + fprintf(stderr, "(Exclusive with bulk option)\n"); + + fprintf(stderr, "\nMandatory args:\n"); + fprintf(stderr, "-i, --privkey Private key\n"); + fprintf(stderr, "-a, --hashalgo Hash algorithm\n"); + fprintf(stderr, "-x, --x509 X509\n"); + + fprintf(stderr, "\nExamples:\n"); + + fprintf(stderr, "\n Regular signing:\n"); + fprintf(stderr, " scripts/sign-file -a sha512 -i certs/signing_key.pe= m "); + fprintf(stderr, "-x certs/signing_key.x509 \n"); + + fprintf(stderr, "\n Signing with destination path:\n"); + fprintf(stderr, " scripts/sign-file -a sha512 -i certs/signing_key.pe= m "); + fprintf(stderr, "-x certs/signing_key.x509 -t \n"); + + fprintf(stderr, "\n Signing modules in bulk:\n"); + fprintf(stderr, " scripts/sign-file -a sha512 -i certs/signing_key.pe= m "); + fprintf(stderr, "-x certs/signing_key.x509 -b ...\n"); + exit(2); } =20 @@ -281,7 +312,7 @@ static void parse_args(int argc, char **argv, struct cm= d_opts *opts) #endif =20 case 'h': - format(); + print_usage(); break; =20 case 'i': 
@@ -312,7 +343,7 @@ static void parse_args(int argc, char **argv, struct cm= d_opts *opts) break; =20 default: - format(); + print_usage(); break; } } while (opt !=3D -1); 
@@ -472,6 +503,9 @@ int main(int argc, char **argv) argc -=3D optind; argv +=3D optind; =20 + if ((opts.bulk_sign && opts.dest_name) || (!opts.bulk_sign && argc !=3D 1= )) + print_usage(); + OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); ERR_clear_error(); --=20 2.41.0 From nobody Sat Feb 7 19:41:24 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6C53AEB64D7 for ; Fri, 23 Jun 2023 14:55:14 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232011AbjFWOzM (ORCPT ); Fri, 23 Jun 2023 10:55:12 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47092 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231559AbjFWOyX (ORCPT ); Fri, 23 Jun 2023 10:54:23 -0400 Received: from mail-pg1-x533.google.com (mail-pg1-x533.google.com [IPv6:2607:f8b0:4864:20::533]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 536412957 for ; Fri, 23 Jun 2023 07:54:17 -0700 (PDT) Received: by mail-pg1-x533.google.com with SMTP id 41be03b00d2f7-5577905ef38so193517a12.0 for ; Fri, 23 Jun 2023 07:54:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1687532056; x=1690124056; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=21IzbhQ2qjGtr356saQ9/OyLk1G9ny5Nf5RhalLfvY4=; b=faPqmSp2y0syyRHOzB6aLt2UxcsCZv1TVjqArdfyvzlGx6oAUCo0ANvMefRfXlEK3/ d8+tEwslPCEXpokhZQTtTUFU0g6WfloriqKlK9DULrdXPuhzwuHIZWlCZ3Bx7GvPpzSY l5yVW7+szniHuTyrleFYuMsEXeAX/AAjaSq/U63aln0FgcbC2qODOhLxgJDJe7fMHwad KYdrQ9ybu/GPKivmdgd0S9lB8SsfkbnkiDDRDeJ7uWb6iTssMwVIjWZAox+9Z8PBeHzy i2zi77QLoDncYIhOxCp6ynVTorFTSB9k7pfyKZUKJRON0jvs8BsY53WpatviqJH5HhyE IF/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; 
From: Shreenidhi Shedi To: dhowells@redhat.com, dwmw2@infradead.org, gregkh@linuxfoundation.org, masahiroy@kernel.org, nathan@kernel.org, ndesaulniers@google.com, nicolas@fjasle.eu Cc: yesshedi@gmail.com, linux-kernel@vger.kernel.org, sshedi@vmware.com Subject: [PATCH v7 6/8] sign-file: use const with a global string constant Date: Fri, 23 Jun 2023 20:23:56 +0530 Message-ID: <20230623145358.568971-7-yesshedi@gmail.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230623145358.568971-1-yesshedi@gmail.com> References: <20230623145358.568971-1-yesshedi@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Reported by checkpatch. Signed-off-by: Shreenidhi Shedi --- scripts/sign-file.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/sign-file.c b/scripts/sign-file.c index d3abc5721a7e..e8dfbdd3eea3 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c 
@@ -71,7 +71,7 @@ struct module_signature { =20 #define PKEY_ID_PKCS7 2 =20 -static char magic_number[] =3D "~Module signature appended~\n"; +static const char magic_number[] =3D "~Module signature appended~\n"; =20 static __attribute__((noreturn)) void print_usage(void) --=20 2.41.0 From nobody Sat Feb 7 19:41:24 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7344CEB64D7 for ; Fri, 23 Jun 2023 14:55:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231458AbjFWOzQ (ORCPT ); Fri, 23 Jun 2023 10:55:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47422 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231713AbjFWOyZ (ORCPT ); Fri, 23 Jun 2023 10:54:25 -0400 Received: from mail-oi1-x22d.google.com (mail-oi1-x22d.google.com [IPv6:2607:f8b0:4864:20::22d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EC0C82968 for ; Fri, 23 Jun 2023 07:54:18 -0700 (PDT) Received: by mail-oi1-x22d.google.com with SMTP id 5614622812f47-39e8a7701f0so494541b6e.3 for ; Fri, 23 Jun 2023 07:54:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1687532058; x=1690124058; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=HGa/E1EozA1ONh5cNmJYBRSriG6HQN403JbmkXULwlo=; b=hDmOERX6zZrj/O5nFegU7i8WbSyvwnE2Tf/OYuCslAtDzhnEjihN7iXEHJT3qqLNXU x5qs/wZpgWE3X6xkUDGYjSgoNNXMcsH/VxHJH1yg+64h6Wk73wpYiCZH8fLmLLYDuk5m 8HNGY6nWzUtyYpd/DCFCsmqJbJfHtVGL9NBW2kflxSMbfNXHLKFxkIWf1j27uUaIrU7u Az2GM3Dd3SzaVxL35LCDfYtOWrT1FRn/0MjA1dDQBP2CFNV29CTEcfsQvjG0inVx9V7N ihVvqw/aFvjdsC+X5UgNWl/32fcqmHdNnf8hasLG6c8QnvU9/nIGtGjIZcWLox3MeCzy W+2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; 
From: Shreenidhi Shedi To: dhowells@redhat.com, dwmw2@infradead.org, gregkh@linuxfoundation.org, masahiroy@kernel.org, nathan@kernel.org, ndesaulniers@google.com, nicolas@fjasle.eu Cc: yesshedi@gmail.com, linux-kernel@vger.kernel.org, sshedi@vmware.com Subject: [PATCH v7 7/8] sign-file: fix do while styling issue Date: Fri, 23 Jun 2023 20:23:57 +0530 Message-ID: <20230623145358.568971-8-yesshedi@gmail.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230623145358.568971-1-yesshedi@gmail.com> References: <20230623145358.568971-1-yesshedi@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Reported by checkpatch. Signed-off-by: Shreenidhi Shedi --- scripts/sign-file.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/sign-file.c b/scripts/sign-file.c index e8dfbdd3eea3..0c95275c4564 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c 
@@ -147,7 +147,7 @@ static void drain_openssl_errors(void) if (__cond) { \ errx(1, fmt, ## __VA_ARGS__); \ } \ - } while(0) + } while (0) =20 static const char *key_pass; =20 --=20 2.41.0 From nobody Sat Feb 7 19:41:24 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4BDDCEB64D7 for ; Fri, 23 Jun 2023 14:55:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232339AbjFWOzY (ORCPT ); Fri, 23 Jun 2023 10:55:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47506 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232098AbjFWOya (ORCPT ); Fri, 23 Jun 2023 10:54:30 -0400 Received: from mail-oi1-x230.google.com (mail-oi1-x230.google.com [IPv6:2607:f8b0:4864:20::230]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AD95F2D51 for ; Fri, 23 Jun 2023 07:54:20 -0700 (PDT) Received: by mail-oi1-x230.google.com with SMTP id 5614622812f47-3a1a47b33d8so590964b6e.2 for ; Fri, 23 Jun 2023 07:54:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1687532060; x=1690124060; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=mID52grCp6Rp54xaXRizHugggYXYdBQ2o2Zac2oS8OE=; b=r782OTN0tKztTuYEy6p38EC3wIYDRKkD+VZk30VaEDBZf1QuXEP3mGk+kiACiMj93k HNIy8P0TDoE2cQiVTrBk+JFXNvEAA84V9CbnZEkcZC/hD9W+g+ijWnxtg0jfYMDpwJiC ESgzixA1YvLSoKJhvW9LnessNUBLqEogXP7QM3XyrRFByfDVhTBXm5HTqIH/Yyiff9Ng PdO3+LITXMqqSjJ8vmuApX7Ml3AZuGf3i1iPdCINOXlkMo5hoWaltNYXQZtZf3SACK84 G7vcMqcPwWAJhsH45soixQ7RFXd5WBcDI8d29KGo+zewTcLmMaOwb1RxUyJxiQbOs6Rm Aktg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687532060; x=1690124060; 
From: Shreenidhi Shedi To: dhowells@redhat.com, dwmw2@infradead.org, gregkh@linuxfoundation.org, masahiroy@kernel.org, nathan@kernel.org, ndesaulniers@google.com, nicolas@fjasle.eu Cc: yesshedi@gmail.com, linux-kernel@vger.kernel.org, sshedi@vmware.com Subject: [PATCH v7 8/8] kbuild: modinst: do modules_install step by step Date: Fri, 23 Jun 2023 20:23:58 +0530 Message-ID: <20230623145358.568971-9-yesshedi@gmail.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230623145358.568971-1-yesshedi@gmail.com> References: <20230623145358.568971-1-yesshedi@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Currently Makefile.modinst does three tasks on each module built: - Install modules - Sign modules - Compress modules All the above tasks happen from a single place. This patch divides this task further and uses a different makefile for each task. Signing module logic is completely refactored and everything happens from a shell script now. Signed-off-by: Shreenidhi Shedi --- scripts/Makefile.compress | 53 ++++++++++++++++++ scripts/Makefile.install | 66 +++++++++++++++++++++++ scripts/Makefile.modinst | 111 +++----------------------------------- scripts/Makefile.sign | 37 +++++++++++++ scripts/signfile.sh | 24 +++++++++ 5 files changed, 186 insertions(+), 105 deletions(-) create mode 100644 scripts/Makefile.compress create mode 100644 scripts/Makefile.install create mode 100644 scripts/Makefile.sign create mode 100755 scripts/signfile.sh diff --git a/scripts/Makefile.compress b/scripts/Makefile.compress new file mode 100644 index 000000000000..35d337ac9b6c --- /dev/null +++ b/scripts/Makefile.compress 
@@ -0,0 +1,53 @@ +# SPDX-License-Identifier: GPL-2.0 +# =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +# Compressing modules +# =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +PHONY :=3D __modcompress +__modcompress: + +include include/config/auto.conf +include $(srctree)/scripts/Kbuild.include + +modules :=3D $(call read-file, $(MODORDER)) + +ifeq ($(KBUILD_EXTMOD),) +dst :=3D $(MODLIB)/kernel +else +INSTALL_MOD_DIR ?=3D updates +dst :=3D $(MODLIB)/$(INSTALL_MOD_DIR) +endif + +suffix-y :=3D +suffix-$(CONFIG_MODULE_COMPRESS_GZIP) :=3D .gz +suffix-$(CONFIG_MODULE_COMPRESS_XZ) :=3D .xz +suffix-$(CONFIG_MODULE_COMPRESS_ZSTD) :=3D .zst + +modules :=3D $(patsubst $(extmod_prefix)%.o, $(dst)/%.ko$(suffix-y), $(mod= ules)) + +__modcompress: $(modules) + @: + +# +# Compression +# +quiet_cmd_gzip =3D GZIP $@ + cmd_gzip =3D $(KGZIP) -n -f $< +quiet_cmd_xz =3D XZ $@ + cmd_xz =3D $(XZ) --lzma2=3Ddict=3D2MiB -f $< +quiet_cmd_zstd =3D ZSTD $@ + cmd_zstd =3D $(ZSTD) -T0 --rm -f -q $< + +$(dst)/%.ko.gz: $(dst)/%.ko FORCE + $(call cmd,gzip) + +$(dst)/%.ko.xz: $(dst)/%.ko FORCE + $(call cmd,xz) + +$(dst)/%.ko.zst: $(dst)/%.ko FORCE + $(call cmd,zstd) + +PHONY +=3D FORCE +FORCE: + +.PHONY: $(PHONY) diff --git a/scripts/Makefile.install b/scripts/Makefile.install new file mode 100644 index 000000000000..40c496cb99dc --- /dev/null +++ b/scripts/Makefile.install 
@@ -0,0 +1,66 @@ +# SPDX-License-Identifier: GPL-2.0 +# =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +# Installing modules +# =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +PHONY :=3D __modinstall +__modinstall: + +include include/config/auto.conf +include $(srctree)/scripts/Kbuild.include + +modules :=3D $(call read-file, $(MODORDER)) + +ifeq ($(KBUILD_EXTMOD),) +dst :=3D $(MODLIB)/kernel +else +INSTALL_MOD_DIR ?=3D updates +dst :=3D $(MODLIB)/$(INSTALL_MOD_DIR) +endif + +$(foreach x, % :, $(if $(findstring $x, $(dst)), \ + $(error module installation path cannot contain '$x'))) + +modules :=3D $(patsubst $(extmod_prefix)%.o, $(dst)/%.ko$(suffix-y), $(mod= ules)) + +__modinstall: $(modules) + @: + +# +# Installation +# +quiet_cmd_install =3D INSTALL $@ + cmd_install =3D mkdir -p $(dir $@); cp $< $@ + +# Strip +# +# INSTALL_MOD_STRIP, if defined, will cause modules to be stripped after t= hey +# are installed. If INSTALL_MOD_STRIP is '1', then the default option +# --strip-debug will be used. Otherwise, INSTALL_MOD_STRIP value will be u= sed +# as the options to the strip command. +ifdef INSTALL_MOD_STRIP + +ifeq ($(INSTALL_MOD_STRIP),1) +strip-option :=3D --strip-debug +else +strip-option :=3D $(INSTALL_MOD_STRIP) +endif + +quiet_cmd_strip =3D STRIP $@ + cmd_strip =3D $(STRIP) $(strip-option) $@ + +else + +quiet_cmd_strip =3D + cmd_strip =3D : + +endif + +$(dst)/%.ko: $(extmod_prefix)%.ko FORCE + $(call cmd,install) + $(call cmd,strip) + +PHONY +=3D FORCE +FORCE: + +.PHONY: $(PHONY) diff --git a/scripts/Makefile.modinst b/scripts/Makefile.modinst index ab0c5bd1a60f..d87e09e57963 100644 
--- a/scripts/Makefile.modinst +++ b/scripts/Makefile.modinst 
@@ -1,116 +1,17 @@ # SPDX-License-Identifier: GPL-2.0 # =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D -# Installing modules +# Install, Sign & Compress modules # =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =20 -PHONY :=3D __modinst -__modinst: - include include/config/auto.conf include $(srctree)/scripts/Kbuild.include =20 -modules :=3D $(call read-file, $(MODORDER)) - -ifeq ($(KBUILD_EXTMOD),) -dst :=3D $(MODLIB)/kernel -else -INSTALL_MOD_DIR ?=3D updates -dst :=3D $(MODLIB)/$(INSTALL_MOD_DIR) -endif - -$(foreach x, % :, $(if $(findstring $x, $(dst)), \ - $(error module installation path cannot contain '$x'))) - -suffix-y :=3D -suffix-$(CONFIG_MODULE_COMPRESS_GZIP) :=3D .gz -suffix-$(CONFIG_MODULE_COMPRESS_XZ) :=3D .xz -suffix-$(CONFIG_MODULE_COMPRESS_ZSTD) :=3D .zst - -modules :=3D $(patsubst $(extmod_prefix)%.o, $(dst)/%.ko$(suffix-y), $(mod= ules)) - -__modinst: $(modules) - @: - -# -# Installation -# -quiet_cmd_install =3D INSTALL $@ - cmd_install =3D mkdir -p $(dir $@); cp $< $@ - -# Strip -# -# INSTALL_MOD_STRIP, if defined, will cause modules to be stripped after t= hey -# are installed. If INSTALL_MOD_STRIP is '1', then the default option -# --strip-debug will be used. Otherwise, INSTALL_MOD_STRIP value will be u= sed -# as the options to the strip command. 
-ifdef INSTALL_MOD_STRIP - -ifeq ($(INSTALL_MOD_STRIP),1) -strip-option :=3D --strip-debug -else -strip-option :=3D $(INSTALL_MOD_STRIP) -endif - -quiet_cmd_strip =3D STRIP $@ - cmd_strip =3D $(STRIP) $(strip-option) $@ - -else - -quiet_cmd_strip =3D - cmd_strip =3D : - -endif - -# -# Signing -# Don't stop modules_install even if we can't sign external modules. -# -ifeq ($(CONFIG_MODULE_SIG_ALL),y) -ifeq ($(filter pkcs11:%, $(CONFIG_MODULE_SIG_KEY)),) -sig-key :=3D $(if $(wildcard $(CONFIG_MODULE_SIG_KEY)),,$(srctree)/)$(CONF= IG_MODULE_SIG_KEY) -else -sig-key :=3D $(CONFIG_MODULE_SIG_KEY) -endif -quiet_cmd_sign =3D SIGN $@ - cmd_sign =3D scripts/sign-file $(CONFIG_MODULE_SIG_HASH) "$(sig-key)= " certs/signing_key.x509 $@ \ - $(if $(KBUILD_EXTMOD),|| true) -else -quiet_cmd_sign :=3D - cmd_sign :=3D : -endif - -ifeq ($(modules_sign_only),) - -$(dst)/%.ko: $(extmod_prefix)%.ko FORCE - $(call cmd,install) - $(call cmd,strip) - $(call cmd,sign) - -else - -$(dst)/%.ko: FORCE - $(call cmd,sign) - -endif - -# -# Compression -# -quiet_cmd_gzip =3D GZIP $@ - cmd_gzip =3D $(KGZIP) -n -f $< -quiet_cmd_xz =3D XZ $@ - cmd_xz =3D $(XZ) --lzma2=3Ddict=3D2MiB -f $< -quiet_cmd_zstd =3D ZSTD $@ - cmd_zstd =3D $(ZSTD) -T0 --rm -f -q $< - -$(dst)/%.ko.gz: $(dst)/%.ko FORCE - $(call cmd,gzip) - -$(dst)/%.ko.xz: $(dst)/%.ko FORCE - $(call cmd,xz) +PHONY :=3D __modinst =20 -$(dst)/%.ko.zst: $(dst)/%.ko FORCE - $(call cmd,zstd) +__modinst: FORCE + $(MAKE) -f scripts/Makefile.install + $(MAKE) -f scripts/Makefile.sign + $(MAKE) -f scripts/Makefile.compress =20 PHONY +=3D FORCE FORCE: diff --git a/scripts/Makefile.sign b/scripts/Makefile.sign new file mode 100644 index 000000000000..d6b242b16657 --- /dev/null +++ b/scripts/Makefile.sign 
@@ -0,0 +1,37 @@ +# SPDX-License-Identifier: GPL-2.0 +# =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +# Signing modules +# =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +PHONY :=3D __modsign +__modsign: + +include include/config/auto.conf +include $(srctree)/scripts/Kbuild.include + +# +# Signing +# Don't stop modules_install even if we can't sign external modules. +# +ifeq ($(CONFIG_MODULE_SIG_ALL),y) +ifeq ($(filter pkcs11:%, $(CONFIG_MODULE_SIG_KEY)),) +sig-key :=3D $(if $(wildcard $(CONFIG_MODULE_SIG_KEY)),,$(srctree)/)$(CONF= IG_MODULE_SIG_KEY) +else +sig-key :=3D $(CONFIG_MODULE_SIG_KEY) +endif +quiet_cmd_sign =3D SIGNING ALL MODULES ... + cmd_sign =3D $(CONFIG_SHELL) $(srctree)/scripts/signfile.sh \ + "$(CONFIG_MODULE_SIG_HASH)" \ + "$(sig-key)" +else +quiet_cmd_sign :=3D + cmd_sign :=3D : +endif + +__modsign: FORCE + $(call cmd,sign) + +PHONY +=3D FORCE +FORCE: + +.PHONY: $(PHONY) diff --git a/scripts/signfile.sh b/scripts/signfile.sh new file mode 100755 index 000000000000..b2b58bfbd5ba --- /dev/null +++ b/scripts/signfile.sh @@ -0,0 +1,24 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-2.0 +# +# A sign-file wrapper used by scripts/Makefile.sign + +#set -x + +if test $# -ne 2; then + echo "Usage: $0 " >&2 + exit 1 +fi + +SIG_HASH=3D"$1" +SIG_KEY=3D"$2" + +MODULES_PATH=3D"${INSTALL_MOD_PATH}/lib/modules/${KERNELRELEASE}" + +find "${MODULES_PATH}" -name *.ko -type f -print0 | \ + xargs -r -0 -P$(nproc) -x -n32 sh -c "\ +${srctree}/scripts/sign-file \ +-a \"${SIG_HASH}\" \ +-i \"${SIG_KEY}\" \ +-x ${srctree}/certs/signing_key.x509 \ +-b \$@ \$0" --=20 2.41.0
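Review bot: In the main() hunk of scripts/sign-file.c (@@ -460,26 +465,34 @@), the else branch calls asprintf(&opts.dest_name, "%s.~signed~", ...) on every pass of the new for loop and nothing in the loop frees the previous buffer, so a bulk run leaks one allocation per module and overwrites whatever pointer dest_name held on entry. Free it, or use a loop-local variable, at the end of each iteration. The "if (!opts.replace_orig)" guard adds nothing over a plain assignment. "return -1" from main() reaches the caller as exit status 255, while the error macro in this file exits through errx(1, ...); returning 1 would keep the failure codes consistent for the build scripts that call the tool.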
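Review bot: In print_usage() from [PATCH v7 5/8] (@@ -74,12 +74,43 @@), an explicit -h/--help takes the same path as a parse error: all text goes to stderr and the function ends in exit(2), so asking for help reports failure to the caller. Consider passing the stream and exit status in, so "case 'h'" prints to stdout and exits 0 while "default:" keeps stderr and 2. Several descriptions only restate the option name ("Raw signature", "Sign only", "X509") without saying whether the option is a flag or takes a file path; one extra phrase each would make the help usable without reading the source.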
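Review bot: The argument check added to main() in [PATCH v7 5/8] (@@ -472,6 +503,9 @@) rejects -b together with -t and rejects a non-bulk call with argc != 1, but it lets -b with no module paths through. With the "for (i = 0; i < argc; ++i)" loop from the earlier main() hunk, that run signs nothing and returns 0, so a caller cannot tell an empty module list from a completed signing pass. Add an argc < 1 test to the condition, and print which constraint was violated before the usage text, since print_usage() alone does not say why the call was refused.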
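Review bot: In scripts/Makefile.install from [PATCH v7 8/8], the line "modules := $(patsubst $(extmod_prefix)%.o, $(dst)/%.ko$(suffix-y), $(modules))" still references suffix-y, but the suffix-$(CONFIG_MODULE_COMPRESS_*) assignments were moved to Makefile.compress, so in this file it always expands to nothing. Drop $(suffix-y) here so it is explicit that the install targets are the plain .ko files. The dst and modules computation is now repeated verbatim in Makefile.install and Makefile.compress; a shared include would keep the two copies from drifting apart.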
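Review bot: The rewritten __modinst rule in scripts/Makefile.modinst (@@ -1,116 +1,17 @@) removes the "ifeq ($(modules_sign_only),)" branch and none of the new files tests that variable, so a sign-only invocation now runs the install and compress sub-makes as well. Either keep the variable and skip those two steps when it is set, or say in the commit message that sign-only behaviour is going away. The sub-makes are also invoked with relative paths ("$(MAKE) -f scripts/Makefile.install"), while the includes and the signfile.sh call use $(srctree)/scripts/...; use $(srctree) here too so the rule does not depend on the current directory.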
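Review bot: In scripts/Makefile.sign the comment "Don't stop modules_install even if we can't sign external modules" is carried over, but the "$(if $(KBUILD_EXTMOD),|| true)" that implemented it in the old cmd_sign is gone, so a signing failure during an external-module build now fails the target. Restore the fallback or delete the comment, and mention the behaviour change in the commit message. Because cmd_sign hands the work to signfile.sh, which signs whatever find returns under the install directory, an external-module build will also pass every already installed .ko to sign-file, not only the modules it built; limiting the list to $(MODORDER), as the install and compress makefiles do, would avoid that.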
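Review bot: In scripts/signfile.sh, "find ... -name *.ko" leaves the pattern unquoted, so the shell expands it against the current directory before find sees it; quote it as '*.ko'. The sh -c string interpolates ${SIG_HASH}, ${SIG_KEY} and ${srctree} into shell source and then expands \$@ and \$0 unquoted, which breaks on paths containing spaces and lets shell metacharacters in a key value (Makefile.sign explicitly allows pkcs11: values) be interpreted by the inner shell. Have xargs run sign-file directly with each option as its own argument, or pass the values as positional parameters and use "$@". The old cmd_sign ran scripts/sign-file and read certs/signing_key.x509 relative to the build directory; prefixing both with ${srctree} changes where they are looked up. MODULES_PATH is built from ${INSTALL_MOD_PATH} and ${KERNELRELEASE} with no check that KERNELRELEASE is set; the makefiles already have $(MODLIB), which could be passed in as a third argument.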