Re: Still some race in X509 certificates handling

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2015-02-18 15:04, Michal Marek wrote:
> On 2015-02-13 13:15, David Howells wrote:
>> Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>>
>>> When it happens, I can do a rebuild, and the build will say
>>>
>>>    X.509 certificate list changed
>>>
>>> which is kind of odd, since the list should *always* be just that
>>> single key for me (ie "./signing_key.509").
>>
>> Did you by any chance set aside a build tree that went wrong?  If so, could
>> you have a look to see what's in:
>>
>> 	<builddir>/kernel/.x509.list
>> 	<builddir>/kernel/x509_certificate_list (note this is binary)
>> 	<builddir>/x509.genkey
>>
>> and make sure that:
>>
>> 	<builddir>/signing_key.priv
>> 	<builddir>/signing_key.x509
>>
>> both exist.  I wonder if the problem might perhaps be due to one of
>> signing_key.priv or signing_key.x509 getting removed somehow - but not both.
> 
> It could also be due to the usage of realpath when building the

Actually, I sent a patch for the "X.509 certificate list changed"
message last October: https://lkml.org/lkml/2014/10/8/306, please apply
it. However, this is just a spurious rebuild. The cause for the
signature verification error must be something else.

Michal
--
To unsubscribe from this list: send the line "unsubscribe linux-kbuild" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux&nblp;USB Development]     [Linux Media]     [Video for Linux]     [Linux Audio Users]     [Yosemite Secrets]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux