diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2016-05-19 20:36:26 +0200 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2016-05-19 20:36:26 +0200 |
commit | ec67b14c1be4ebe4cf08f06746a8d0313ab85432 (patch) | |
tree | 8eb036b8f9174a0b2c9bc14700845a977c5788db /scripts | |
parent | Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm (diff) | |
parent | localmodconfig: Fix whitespace repeat count after "tristate" (diff) | |
download | linux-ec67b14c1be4ebe4cf08f06746a8d0313ab85432.tar.xz linux-ec67b14c1be4ebe4cf08f06746a8d0313ab85432.zip |
Merge tag 'localmodconfig-v4.7' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-kconfig
Pull localmodconfig updates from Steven Rostedt.
"Benjamin Poirier added some minor fixes and clean ups to
localmodconfig.
One is a fix for making sure that module signing still works when
coming from a different environment. If original keys are not found
it will warn and reset the keys to their default value"
* tag 'localmodconfig-v4.7' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-kconfig:
localmodconfig: Fix whitespace repeat count after "tristate"
localmodconfig: Reset certificate paths
localmodconfig: Add missing $ to reference a variable
localmodconfig: Fix parsing of "help" text
localmodconfig: Recognize more keywords that end a menu entry
localmodconfig: Fix parsing of Kconfig "source" statements
Diffstat (limited to 'scripts')
-rwxr-xr-x | scripts/kconfig/streamline_config.pl | 44 |
1 files changed, 39 insertions, 5 deletions
diff --git a/scripts/kconfig/streamline_config.pl b/scripts/kconfig/streamline_config.pl index f3d3fb42b873..b8c7b29affc5 100755 --- a/scripts/kconfig/streamline_config.pl +++ b/scripts/kconfig/streamline_config.pl @@ -188,7 +188,7 @@ sub read_kconfig { $cont = 0; # collect any Kconfig sources - if (/^source\s*"(.*)"/) { + if (/^source\s+"?([^"]+)/) { my $kconfig = $1; # prevent reading twice. if (!defined($read_kconfigs{$kconfig})) { @@ -237,7 +237,7 @@ sub read_kconfig { } # configs without prompts must be selected - } elsif ($state ne "NONE" && /^\s*tristate\s\S/) { + } elsif ($state ne "NONE" && /^\s*(tristate\s+\S|prompt\b)/) { # note if the config has a prompt $prompts{$config} = 1; @@ -256,8 +256,8 @@ sub read_kconfig { $iflevel-- if ($iflevel); - # stop on "help" - } elsif (/^\s*help\s*$/) { + # stop on "help" and keywords that end a menu entry + } elsif (/^\s*(---)?help(---)?\s*$/ || /^(comment|choice|menu)\b/) { $state = "NONE"; } } @@ -454,7 +454,7 @@ sub parse_config_depends $p =~ s/^[^$valid]*[$valid]+//; # We only need to process if the depend config is a module - if (!defined($orig_configs{$conf}) || !$orig_configs{conf} eq "m") { + if (!defined($orig_configs{$conf}) || $orig_configs{$conf} eq "y") { next; } @@ -610,6 +610,40 @@ foreach my $line (@config_file) { next; } + if (/CONFIG_MODULE_SIG_KEY="(.+)"/) { + my $orig_cert = $1; + my $default_cert = "certs/signing_key.pem"; + + # Check that the logic in this script still matches the one in Kconfig + if (!defined($depends{"MODULE_SIG_KEY"}) || + $depends{"MODULE_SIG_KEY"} !~ /"\Q$default_cert\E"/) { + print STDERR "WARNING: MODULE_SIG_KEY assertion failure, ", + "update needed to ", __FILE__, " line ", __LINE__, "\n"; + print; + } elsif ($orig_cert ne $default_cert && ! -f $orig_cert) { + print STDERR "Module signature verification enabled but ", + "module signing key \"$orig_cert\" not found. Resetting ", + "signing key to default value.\n"; + print "CONFIG_MODULE_SIG_KEY=\"$default_cert\"\n"; + } else { + print; + } + next; + } + + if (/CONFIG_SYSTEM_TRUSTED_KEYS="(.+)"/) { + my $orig_keys = $1; + + if (! -f $orig_keys) { + print STDERR "System keyring enabled but keys \"$orig_keys\" ", + "not found. Resetting keys to default value.\n"; + print "CONFIG_SYSTEM_TRUSTED_KEYS=\"\"\n"; + } else { + print; + } + next; + } + if (/^(CONFIG.*)=(m|y)/) { if (defined($configs{$1})) { if ($localyesconfig) { |