This is a note to let you know that I've just added the patch titled modsign: hide openssl output in silent builds to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: modsign-hide-openssl-output-in-silent-builds.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 5d06ee20b662a78417245714fc576cba90e6374f Mon Sep 17 00:00:00 2001 From: Arnd Bergmann <arnd@xxxxxxxx> Date: Thu, 25 Feb 2016 17:31:32 +0100 Subject: modsign: hide openssl output in silent builds From: Arnd Bergmann <arnd@xxxxxxxx> commit 5d06ee20b662a78417245714fc576cba90e6374f upstream. When a user calls 'make -s', we can assume they don't want to see any output except for warnings and errors, but instead they see this for a warning free build: ### ### Now generating an X.509 key pair to be used for signing modules. ### ### If this takes a long time, you might wish to run rngd in the ### background to keep the supply of entropy topped up. It ### needs to be run as root, and uses a hardware random ### number generator if one is available. ### Generating a 4096 bit RSA private key .................................................................................................................................................................................................................................++ ..............................................................................................................................++ writing new private key to 'certs/signing_key.pem' ----- ### ### Key pair generated. ### The output can confuse simple build testing scripts that just check for an empty build log. This patch silences all the output: - "echo" is changed to "@$(kecho)", which is dropped when "-s" gets passed - the openssl command itself is only printed with V=1, using the $(Q) macro - The output of openssl gets redirected to /dev/null on "-s" builds. Signed-off-by: Arnd Bergmann <arnd@xxxxxxxx> Signed-off-by: David Howells <dhowells@xxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- certs/Makefile | 33 +++++++++++++++++++-------------- 1 file changed, 19 insertions(+), 14 deletions(-) --- a/certs/Makefile +++ b/certs/Makefile @@ -36,29 +36,34 @@ ifndef CONFIG_MODULE_SIG_HASH $(error Could not determine digest type to use from kernel config) endif +redirect_openssl = 2>&1 +quiet_redirect_openssl = 2>&1 +silent_redirect_openssl = 2>/dev/null + # We do it this way rather than having a boolean option for enabling an # external private key, because 'make randconfig' might enable such a # boolean option and we unfortunately can't make it depend on !RANDCONFIG. ifeq ($(CONFIG_MODULE_SIG_KEY),"certs/signing_key.pem") $(obj)/signing_key.pem: $(obj)/x509.genkey - @echo "###" - @echo "### Now generating an X.509 key pair to be used for signing modules." - @echo "###" - @echo "### If this takes a long time, you might wish to run rngd in the" - @echo "### background to keep the supply of entropy topped up. It" - @echo "### needs to be run as root, and uses a hardware random" - @echo "### number generator if one is available." - @echo "###" - openssl req -new -nodes -utf8 -$(CONFIG_MODULE_SIG_HASH) -days 36500 \ + @$(kecho) "###" + @$(kecho) "### Now generating an X.509 key pair to be used for signing modules." + @$(kecho) "###" + @$(kecho) "### If this takes a long time, you might wish to run rngd in the" + @$(kecho) "### background to keep the supply of entropy topped up. It" + @$(kecho) "### needs to be run as root, and uses a hardware random" + @$(kecho) "### number generator if one is available." + @$(kecho) "###" + $(Q)openssl req -new -nodes -utf8 -$(CONFIG_MODULE_SIG_HASH) -days 36500 \ -batch -x509 -config $(obj)/x509.genkey \ -outform PEM -out $(obj)/signing_key.pem \ - -keyout $(obj)/signing_key.pem 2>&1 - @echo "###" - @echo "### Key pair generated." - @echo "###" + -keyout $(obj)/signing_key.pem \ + $($(quiet)redirect_openssl) + @$(kecho) "###" + @$(kecho) "### Key pair generated." + @$(kecho) "###" $(obj)/x509.genkey: - @echo Generating X.509 key generation config + @$(kecho) Generating X.509 key generation config @echo >$@ "[ req ]" @echo >>$@ "default_bits = 4096" @echo >>$@ "distinguished_name = req_distinguished_name" Patches currently in stable-queue which might be from arnd@xxxxxxxx are queue-4.4/kasan-rework-kconfig-settings.patch queue-4.4/hdpvr-hide-unused-variable.patch queue-4.4/mtd-ichxrom-maybe-uninitialized-with-gcc-4.9.patch queue-4.4/profile-hide-unused-functions-when-config_proc_fs.patch queue-4.4/perf-x86-shut-up-false-positive-wmaybe-uninitialized-warning.patch queue-4.4/hwrng-exynos-use-__maybe_unused-to-hide-pm-functions.patch queue-4.4/usb-cdc_subset-only-build-when-one-driver-is-enabled.patch queue-4.4/ipv4-ipconfig-avoid-unused-ic_proto_used-symbol.patch queue-4.4/revert-power-bq27xxx_battery-remove-unneeded-dependency-in-kconfig.patch queue-4.4/go7007-add-media_camera_support-dependency.patch queue-4.4/scsi-advansys-fix-build-warning-for-pci-n.patch queue-4.4/ssb-mark-ssb_bus_register-as-__maybe_unused.patch queue-4.4/tty-cyclades-cyz_interrupt-is-only-used-for-pci.patch queue-4.4/infiniband-cxgb4-use-pr-format-string-for-printing-resources.patch queue-4.4/video-fbdev-via-remove-possibly-unused-variables.patch queue-4.4/binfmt_elf-compat-avoid-unused-function-warning.patch queue-4.4/drm-gma500-remove-helper-function.patch queue-4.4/fbdev-s6e8ax0-avoid-unused-function-warnings.patch queue-4.4/netfilter-ipvs-avoid-unused-variable-warnings.patch queue-4.4/idle-i7300-add-pci-dependency.patch queue-4.4/b2c2-flexcop-avoid-unused-function-warnings.patch queue-4.4/fbdev-auo_k190x-avoid-unused-function-warnings.patch queue-4.4/cw1200-fix-bogus-maybe-uninitialized-warning.patch queue-4.4/x86-build-silence-the-build-with-make-s.patch queue-4.4/gpio-xgene-mark-pm-functions-as-__maybe_unused.patch queue-4.4/kvm-add-x86_local_apic-dependency.patch queue-4.4/arm-tegra-select-usb_ulpi-from-ehci-rather-than-platform.patch queue-4.4/asoc-mediatek-add-i2c-dependency.patch queue-4.4/reiserfs-avoid-a-wmaybe-uninitialized-warning.patch queue-4.4/scsi-advansys-fix-uninitialized-data-access.patch queue-4.4/mtd-sh_flctl-pass-fifo-as-physical-address.patch queue-4.4/driver-core-use-dev-argument-in-dev_dbg_ratelimited-stub.patch queue-4.4/modsign-hide-openssl-output-in-silent-builds.patch queue-4.4/net-hp100-remove-unnecessary-ifdefs.patch queue-4.4/genirq-msi-add-stubs-for-get_cached_msi_msg-pci_write_msi_msg.patch queue-4.4/asoc-intel-kconfig-fix-build-when-acpi-is-not-enabled.patch queue-4.4/asoc-ux500-add-module_license-tag.patch queue-4.4/wireless-cw1200-use-__maybe_unused-to-hide-pm-functions_.patch queue-4.4/mptfusion-hide-unused-seq_mpt_print_ioc_summary-function.patch queue-4.4/tlan-avoid-unused-label-with-pci-n.patch queue-4.4/usb-musb-ux500-remove-duplicate-check-for-dma_is_compatible.patch queue-4.4/mtd-cfi-enforce-valid-geometry-configuration.patch queue-4.4/thermal-spear-use-__maybe_unused-for-pm-functions.patch queue-4.4/x86-microcode-amd-change-load_microcode_amd-s-param-to-bool-to-fix-preemptibility-bug.patch queue-4.4/video-fbdev-mmp-add-module_license.patch queue-4.4/fbdev-sis-enforce-selection-of-at-least-one-backend.patch queue-4.4/x86-boot-avoid-warning-for-zero-filling-.bss.patch queue-4.4/power-bq27xxx_battery-mark-some-symbols-__maybe_unused.patch queue-4.4/scsi-mvumi-use-__maybe_unused-to-hide-pm-functions.patch queue-4.4/usb-phy-msm-add-regulator-dependency.patch queue-4.4/isdn-icn-remove-a-warning.patch queue-4.4/ncr5380-shut-up-gcc-indentation-warning.patch queue-4.4/arm64-dts-add-cooling-cells-to-cpu-nodes.patch queue-4.4/vmxnet3-prevent-building-with-64k-pages.patch queue-4.4/genksyms-fix-segfault-with-invalid-declarations.patch queue-4.4/x86-platform-add-pci-dependency-for-punit_atom_debug.patch queue-4.4/target-user-fix-cast-from-pointer-to-phys_addr_t.patch queue-4.4/rtlwifi-fix-gcc-6-indentation-warning.patch queue-4.4/alsa-hda-ca0132-fix-possible-null-pointer-use.patch queue-4.4/thermal-fix-intel_soc_dts_iosf_core-dependencies.patch queue-4.4/arm64-define-bug-instruction-without-config_bug.patch queue-4.4/v4l-remove-media_tuner-dependency-for-video_tuner.patch queue-4.4/tc358743-fix-register-i2c_rd-wr-functions.patch queue-4.4/scsi-fdomain-drop-fdomain_pci_tbl-when-built-in.patch queue-4.4/scsi-initio-remove-duplicate-module-device-table.patch queue-4.4/netlink-fix-nla_put_-u8-u16-u32-for-kasan.patch queue-4.4/x86-fpu-math-emu-fix-possible-uninitialized-variable-use.patch queue-4.4/asoc-rockchip-use-__maybe_unused-to-hide-st_irq_syscfg_resume.patch queue-4.4/staging-ste_rmi4-avoid-unused-function-warnings.patch queue-4.4/em28xx-only-use-mt9v011-if-camera-support-is-enabled.patch queue-4.4/pwc-hide-unused-label.patch queue-4.4/input-tca8418_keypad-hide-gcc-4.9-wmaybe-uninitialized-warning.patch queue-4.4/fbdev-sm712fb-avoid-unused-function-warnings.patch queue-4.4/isdn-sc-work-around-type-mismatch-warning.patch queue-4.4/tty-hvc_xen-hide-xen_console_remove-when-unused.patch queue-4.4/virtio_balloon-prevent-uninitialized-variable-use.patch queue-4.4/drm-nouveau-hide-gcc-4.9-wmaybe-uninitialized.patch queue-4.4/dell-wmi-dell-laptop-depends-dmi.patch queue-4.4/x86-add-multiuser-dependency-for-kvm.patch queue-4.4/md-avoid-warning-for-32-bit-sector_t.patch queue-4.4/isdn-eicon-reduce-stack-size-of-sig_ind-function.patch