From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id F2FE8CCA47B for ; Mon, 13 Jun 2022 18:40:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1343834AbiFMSk3 (ORCPT ); Mon, 13 Jun 2022 14:40:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43590 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1343893AbiFMSkE (ORCPT ); Mon, 13 Jun 2022 14:40:04 -0400 Received: from conssluserg-01.nifty.com (conssluserg-01.nifty.com [210.131.2.80]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DA40D35DFC; Mon, 13 Jun 2022 08:29:29 -0700 (PDT) Received: from mail-wm1-f53.google.com (mail-wm1-f53.google.com [209.85.128.53]) (authenticated) by conssluserg-01.nifty.com with ESMTP id 25DFTBPr014866; Tue, 14 Jun 2022 00:29:12 +0900 DKIM-Filter: OpenDKIM Filter v2.10.3 conssluserg-01.nifty.com 25DFTBPr014866 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nifty.com; s=dec2015msa; t=1655134152; bh=U8e6xBBpGNq52HU5UCv+aLe6rXlJafZA9BHju3EnG0w=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=S099LBHFLevAqisrzBFoHtirHccwg1PjI1CDo6+ebI9+hqvyVkQdpDEim/VpdRi2z /bpPNrKWLL5+W8C1eavYKq9eDQdCdFr2vwdV5bEFtJHCARyz9WyO326GUe2fNCeeaE we88Hp79ThHEvpIl4yarZqY/swmq5SWtP53KlL6i7PuwLz08jx81k/deX/SXYPUILb i1Enx3VcaCc4teHtGpMyo8P48fInZnEMs0X1ZUn5PGRgMEQw5bQr/Il/SXSkP8QV+o 5mDsmIZMcKbObVVT3rm1KY0xGuCovMfTDBAL98hXVXEeHv03HVhutOrJZihrUzBF8C WdXIe07T+A5Qw== X-Nifty-SrcIP: [209.85.128.53] Received: by mail-wm1-f53.google.com with SMTP id m16-20020a7bca50000000b0039c8a224c95so2416891wml.2; Mon, 13 Jun 2022 08:29:12 -0700 (PDT) X-Gm-Message-State: AOAM533AF09pieQk0lgAlDSNH6GjYyiiXwQYsL9kZqCDlLsbXPnL/fns mU1HNDqCKY0qGUhc6nLRoI0l2Lf6tqLSXzNxK2I= X-Google-Smtp-Source: ABdhPJwR2BO70ewcMkpasiG+oq3cRiDpOY3zt44AL5wd2UEyJV0VTm5/CIVcKEFhTBdJDJCNhGeMLpZK8RPebsKjGaE= X-Received: by 2002:a7b:c346:0:b0:397:626d:d2c4 with SMTP id l6-20020a7bc346000000b00397626dd2c4mr15731645wmj.172.1655134150862; Mon, 13 Jun 2022 08:29:10 -0700 (PDT) MIME-Version: 1.0 References: <20220611172233.1494073-1-masahiroy@kernel.org> <20220611172233.1494073-3-masahiroy@kernel.org> In-Reply-To: From: Masahiro Yamada Date: Tue, 14 Jun 2022 00:28:34 +0900 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 3/4] certs: move scripts/check-blacklist-hashes.awk to certs/ To: =?UTF-8?B?TWlja2HDq2wgU2FsYcO8bg==?= Cc: Linux Kbuild mailing list , David Howells , Jarkko Sakkinen , David Woodhouse , keyrings@vger.kernel.org, Linux Kernel Mailing List , Eric Snowberg , Herbert Xu , Tyler Hicks Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: keyrings@vger.kernel.org On Mon, Jun 13, 2022 at 9:36 PM Micka=C3=ABl Sala=C3=BCn = wrote: > > > > On 11/06/2022 19:22, Masahiro Yamada wrote: > > This script is only used in certs/Makefile, so certs/ is a better > > home for it. > > > > Signed-off-by: Masahiro Yamada > > --- > > > > MAINTAINERS | 1 - > > certs/Makefile | 2 +- > > {scripts =3D> certs}/check-blacklist-hashes.awk | 0 > > 3 files changed, 1 insertion(+), 2 deletions(-) > > rename {scripts =3D> certs}/check-blacklist-hashes.awk (100%) > > > > diff --git a/MAINTAINERS b/MAINTAINERS > > index 1fc9ead83d2a..7c2a7c304824 100644 > > --- a/MAINTAINERS > > +++ b/MAINTAINERS > > @@ -4627,7 +4627,6 @@ L: keyrings@vger.kernel.org > > S: Maintained > > F: Documentation/admin-guide/module-signing.rst > > F: certs/ > > -F: scripts/check-blacklist-hashes.awk > F: scripts/sign-file= .c > > F: tools/certs/ > > > > diff --git a/certs/Makefile b/certs/Makefile > > index a8d628fd5f7b..df7aaeafd19c 100644 > > --- a/certs/Makefile > > +++ b/certs/Makefile > > @@ -13,7 +13,7 @@ CFLAGS_blacklist_hashes.o :=3D -I $(obj) > > > > quiet_cmd_check_and_copy_blacklist_hash_list =3D GEN $@ > > cmd_check_and_copy_blacklist_hash_list =3D \ > > - $(AWK) -f $(srctree)/scripts/check-blacklist-hashes.awk $(CONFIG_= SYSTEM_BLACKLIST_HASH_LIST) >&2; \ > > + $(AWK) -f $(srctree)/$(src)/check-blacklist-hashes.awk $(CONFIG_S= YSTEM_BLACKLIST_HASH_LIST) >&2; \ > > cat $(CONFIG_SYSTEM_BLACKLIST_HASH_LIST) > $@ > > > > $(obj)/blacklist_hash_list: $(CONFIG_SYSTEM_BLACKLIST_HASH_LIST) FORC= E > > diff --git a/scripts/check-blacklist-hashes.awk b/certs/check-blacklist= -hashes.awk > > similarity index 100% > > rename from scripts/check-blacklist-hashes.awk > > rename to certs/check-blacklist-hashes.awk > > It looks more appropriate and consistent to me to keep it in scripts/, > close to other cert scripts. Is there some precedent to move such script? I always did that. For example, f6f57a46435d7253a52a1a07a58183678ad266a0 78a20a012ecea857e438b1f9e8091acb290bd0f5 28ba53c07638f31b153e3a32672a6124d0ff2a97 4484aa800ac588a1fe2175cd53076c21067f44b4 340a02535ee785c64c62a9c45706597a0139e972 Tools can stay in scripts/ if and only if: - it is used globally during kernel builds - it is still needed after the kernel builds. "make clean" removes most of the build artifacts but keeps ones under scripts/. scripts/insert-sys-cert is apparently unneeded for building the kernel. If the intended use is to manipulate vmlinux later, that is the legitimate reason to stay in scripts/. (but even better place might be tools/) certs/signing_key.pem is needed even after kernel builds. So, it should have been kept under scripts/ instead of certs/. -- Best Regards Masahiro Yamada