On 2016/04/26 10:02, Steven Rostedt wrote: > On Sat, 2 Apr 2016 10:55:22 -0700 > Benjamin Poirier <bpoirier@xxxxxxxx> wrote: > > > When using `make localmodconfig` and friends, if the input config comes > > from a kernel that was built in a different environment (for example, the > > canonical case of using localmodconfig to trim a distribution kernel > > config) the key files for module signature checking will not be available > > and should be regenerated or omitted. Otherwise, the user will be faced > > with annoying errors when trying to build with the generated .config: > > > > make[1]: *** No rule to make target 'keyring.crt', needed by 'certs/x509_certificate_list'. Stop. > > Makefile:1576: recipe for target 'certs/' failed > > > > Signed-off-by: Benjamin Poirier <bpoirier@xxxxxxxx> > > --- > > scripts/kconfig/streamline_config.pl | 34 ++++++++++++++++++++++++++++++++++ > > 1 file changed, 34 insertions(+) > > > > diff --git a/scripts/kconfig/streamline_config.pl b/scripts/kconfig/streamline_config.pl > > index 7036ae3..514735d 100755 > > --- a/scripts/kconfig/streamline_config.pl > > +++ b/scripts/kconfig/streamline_config.pl > > @@ -610,6 +610,40 @@ foreach my $line (@config_file) { > > next; > > } > > > > + if (/CONFIG_MODULE_SIG_KEY="(.+)"/) { > > + my $orig_cert = $1; > > + my $default_cert = "certs/signing_key.pem"; > > + > > + # Check that the logic in this script still matches the one in Kconfig > > + if (!defined($depends{"MODULE_SIG_KEY"}) || > > + $depends{"MODULE_SIG_KEY"} !~ /"\Q$default_cert\E"/) { > > + die "Assertion failure, update needed"; > > Instead of dieing here, what about just going back to the current > behavior, and ignore the sig keys? I was concerned that the warning may go unnoticed but I think you're right. It is the same kind of concern between a BUG() or a WARN_ON(). In this case it certainly is possible to keep going and ignore the certificate check, as you suggest. -- To unsubscribe from this list: send the line "unsubscribe linux-kbuild" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html