This is a note to let you know that I've just added the patch titled
modsign: hide openssl output in silent builds
to the 4.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
modsign-hide-openssl-output-in-silent-builds.patch
and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From 5d06ee20b662a78417245714fc576cba90e6374f Mon Sep 17 00:00:00 2001
From: Arnd Bergmann <arnd@xxxxxxxx>
Date: Thu, 25 Feb 2016 17:31:32 +0100
Subject: modsign: hide openssl output in silent builds
From: Arnd Bergmann <arnd@xxxxxxxx>
commit 5d06ee20b662a78417245714fc576cba90e6374f upstream.
When a user calls 'make -s', we can assume they don't want to
see any output except for warnings and errors, but instead
they see this for a warning free build:
###
### Now generating an X.509 key pair to be used for signing modules.
###
### If this takes a long time, you might wish to run rngd in the
### background to keep the supply of entropy topped up. It
### needs to be run as root, and uses a hardware random
### number generator if one is available.
###
Generating a 4096 bit RSA private key
.................................................................................................................................................................................................................................++
..............................................................................................................................++
writing new private key to 'certs/signing_key.pem'
-----
###
### Key pair generated.
###
The output can confuse simple build testing scripts that just check
for an empty build log.
This patch silences all the output:
- "echo" is changed to "@$(kecho)", which is dropped when "-s" gets
passed
- the openssl command itself is only printed with V=1, using the
$(Q) macro
- The output of openssl gets redirected to /dev/null on "-s" builds.
Signed-off-by: Arnd Bergmann <arnd@xxxxxxxx>
Signed-off-by: David Howells <dhowells@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
certs/Makefile | 33 +++++++++++++++++++--------------
1 file changed, 19 insertions(+), 14 deletions(-)
--- a/certs/Makefile
+++ b/certs/Makefile
@@ -36,29 +36,34 @@ ifndef CONFIG_MODULE_SIG_HASH
$(error Could not determine digest type to use from kernel config)
endif
+redirect_openssl = 2>&1
+quiet_redirect_openssl = 2>&1
+silent_redirect_openssl = 2>/dev/null
+
# We do it this way rather than having a boolean option for enabling an
# external private key, because 'make randconfig' might enable such a
# boolean option and we unfortunately can't make it depend on !RANDCONFIG.
ifeq ($(CONFIG_MODULE_SIG_KEY),"certs/signing_key.pem")
$(obj)/signing_key.pem: $(obj)/x509.genkey
- @echo "###"
- @echo "### Now generating an X.509 key pair to be used for signing modules."
- @echo "###"
- @echo "### If this takes a long time, you might wish to run rngd in the"
- @echo "### background to keep the supply of entropy topped up. It"
- @echo "### needs to be run as root, and uses a hardware random"
- @echo "### number generator if one is available."
- @echo "###"
- openssl req -new -nodes -utf8 -$(CONFIG_MODULE_SIG_HASH) -days 36500 \
+ @$(kecho) "###"
+ @$(kecho) "### Now generating an X.509 key pair to be used for signing modules."
+ @$(kecho) "###"
+ @$(kecho) "### If this takes a long time, you might wish to run rngd in the"
+ @$(kecho) "### background to keep the supply of entropy topped up. It"
+ @$(kecho) "### needs to be run as root, and uses a hardware random"
+ @$(kecho) "### number generator if one is available."
+ @$(kecho) "###"
+ $(Q)openssl req -new -nodes -utf8 -$(CONFIG_MODULE_SIG_HASH) -days 36500 \
-batch -x509 -config $(obj)/x509.genkey \
-outform PEM -out $(obj)/signing_key.pem \
- -keyout $(obj)/signing_key.pem 2>&1
- @echo "###"
- @echo "### Key pair generated."
- @echo "###"
+ -keyout $(obj)/signing_key.pem \
+ $($(quiet)redirect_openssl)
+ @$(kecho) "###"
+ @$(kecho) "### Key pair generated."
+ @$(kecho) "###"
$(obj)/x509.genkey:
- @echo Generating X.509 key generation config
+ @$(kecho) Generating X.509 key generation config
@echo >$@ "[ req ]"
@echo >>$@ "default_bits = 4096"
@echo >>$@ "distinguished_name = req_distinguished_name"
Patches currently in stable-queue which might be from arnd@xxxxxxxx are
queue-4.4/kasan-rework-kconfig-settings.patch
queue-4.4/hdpvr-hide-unused-variable.patch
queue-4.4/mtd-ichxrom-maybe-uninitialized-with-gcc-4.9.patch
queue-4.4/profile-hide-unused-functions-when-config_proc_fs.patch
queue-4.4/perf-x86-shut-up-false-positive-wmaybe-uninitialized-warning.patch
queue-4.4/hwrng-exynos-use-__maybe_unused-to-hide-pm-functions.patch
queue-4.4/usb-cdc_subset-only-build-when-one-driver-is-enabled.patch
queue-4.4/ipv4-ipconfig-avoid-unused-ic_proto_used-symbol.patch
queue-4.4/revert-power-bq27xxx_battery-remove-unneeded-dependency-in-kconfig.patch
queue-4.4/go7007-add-media_camera_support-dependency.patch
queue-4.4/scsi-advansys-fix-build-warning-for-pci-n.patch
queue-4.4/ssb-mark-ssb_bus_register-as-__maybe_unused.patch
queue-4.4/tty-cyclades-cyz_interrupt-is-only-used-for-pci.patch
queue-4.4/infiniband-cxgb4-use-pr-format-string-for-printing-resources.patch
queue-4.4/video-fbdev-via-remove-possibly-unused-variables.patch
queue-4.4/binfmt_elf-compat-avoid-unused-function-warning.patch
queue-4.4/drm-gma500-remove-helper-function.patch
queue-4.4/fbdev-s6e8ax0-avoid-unused-function-warnings.patch
queue-4.4/netfilter-ipvs-avoid-unused-variable-warnings.patch
queue-4.4/idle-i7300-add-pci-dependency.patch
queue-4.4/b2c2-flexcop-avoid-unused-function-warnings.patch
queue-4.4/fbdev-auo_k190x-avoid-unused-function-warnings.patch
queue-4.4/cw1200-fix-bogus-maybe-uninitialized-warning.patch
queue-4.4/x86-build-silence-the-build-with-make-s.patch
queue-4.4/gpio-xgene-mark-pm-functions-as-__maybe_unused.patch
queue-4.4/kvm-add-x86_local_apic-dependency.patch
queue-4.4/arm-tegra-select-usb_ulpi-from-ehci-rather-than-platform.patch
queue-4.4/asoc-mediatek-add-i2c-dependency.patch
queue-4.4/reiserfs-avoid-a-wmaybe-uninitialized-warning.patch
queue-4.4/scsi-advansys-fix-uninitialized-data-access.patch
queue-4.4/mtd-sh_flctl-pass-fifo-as-physical-address.patch
queue-4.4/driver-core-use-dev-argument-in-dev_dbg_ratelimited-stub.patch
queue-4.4/modsign-hide-openssl-output-in-silent-builds.patch
queue-4.4/net-hp100-remove-unnecessary-ifdefs.patch
queue-4.4/genirq-msi-add-stubs-for-get_cached_msi_msg-pci_write_msi_msg.patch
queue-4.4/asoc-intel-kconfig-fix-build-when-acpi-is-not-enabled.patch
queue-4.4/asoc-ux500-add-module_license-tag.patch
queue-4.4/wireless-cw1200-use-__maybe_unused-to-hide-pm-functions_.patch
queue-4.4/mptfusion-hide-unused-seq_mpt_print_ioc_summary-function.patch
queue-4.4/tlan-avoid-unused-label-with-pci-n.patch
queue-4.4/usb-musb-ux500-remove-duplicate-check-for-dma_is_compatible.patch
queue-4.4/mtd-cfi-enforce-valid-geometry-configuration.patch
queue-4.4/thermal-spear-use-__maybe_unused-for-pm-functions.patch
queue-4.4/x86-microcode-amd-change-load_microcode_amd-s-param-to-bool-to-fix-preemptibility-bug.patch
queue-4.4/video-fbdev-mmp-add-module_license.patch
queue-4.4/fbdev-sis-enforce-selection-of-at-least-one-backend.patch
queue-4.4/x86-boot-avoid-warning-for-zero-filling-.bss.patch
queue-4.4/power-bq27xxx_battery-mark-some-symbols-__maybe_unused.patch
queue-4.4/scsi-mvumi-use-__maybe_unused-to-hide-pm-functions.patch
queue-4.4/usb-phy-msm-add-regulator-dependency.patch
queue-4.4/isdn-icn-remove-a-warning.patch
queue-4.4/ncr5380-shut-up-gcc-indentation-warning.patch
queue-4.4/arm64-dts-add-cooling-cells-to-cpu-nodes.patch
queue-4.4/vmxnet3-prevent-building-with-64k-pages.patch
queue-4.4/genksyms-fix-segfault-with-invalid-declarations.patch
queue-4.4/x86-platform-add-pci-dependency-for-punit_atom_debug.patch
queue-4.4/target-user-fix-cast-from-pointer-to-phys_addr_t.patch
queue-4.4/rtlwifi-fix-gcc-6-indentation-warning.patch
queue-4.4/alsa-hda-ca0132-fix-possible-null-pointer-use.patch
queue-4.4/thermal-fix-intel_soc_dts_iosf_core-dependencies.patch
queue-4.4/arm64-define-bug-instruction-without-config_bug.patch
queue-4.4/v4l-remove-media_tuner-dependency-for-video_tuner.patch
queue-4.4/tc358743-fix-register-i2c_rd-wr-functions.patch
queue-4.4/scsi-fdomain-drop-fdomain_pci_tbl-when-built-in.patch
queue-4.4/scsi-initio-remove-duplicate-module-device-table.patch
queue-4.4/netlink-fix-nla_put_-u8-u16-u32-for-kasan.patch
queue-4.4/x86-fpu-math-emu-fix-possible-uninitialized-variable-use.patch
queue-4.4/asoc-rockchip-use-__maybe_unused-to-hide-st_irq_syscfg_resume.patch
queue-4.4/staging-ste_rmi4-avoid-unused-function-warnings.patch
queue-4.4/em28xx-only-use-mt9v011-if-camera-support-is-enabled.patch
queue-4.4/pwc-hide-unused-label.patch
queue-4.4/input-tca8418_keypad-hide-gcc-4.9-wmaybe-uninitialized-warning.patch
queue-4.4/fbdev-sm712fb-avoid-unused-function-warnings.patch
queue-4.4/isdn-sc-work-around-type-mismatch-warning.patch
queue-4.4/tty-hvc_xen-hide-xen_console_remove-when-unused.patch
queue-4.4/virtio_balloon-prevent-uninitialized-variable-use.patch
queue-4.4/drm-nouveau-hide-gcc-4.9-wmaybe-uninitialized.patch
queue-4.4/dell-wmi-dell-laptop-depends-dmi.patch
queue-4.4/x86-add-multiuser-dependency-for-kvm.patch
queue-4.4/md-avoid-warning-for-32-bit-sector_t.patch
queue-4.4/isdn-eicon-reduce-stack-size-of-sig_ind-function.patch