[PATCH] MODSIGN: do not send garbage to stderr when enabling modules signature

linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] MODSIGN: do not send garbage to stderr when enabling modules signature
@ 2013-04-08 21:43 David Cohen
  2013-04-09  3:27 ` Rusty Russell
  0 siblings, 1 reply; 4+ messages in thread
From: David Cohen @ 2013-04-08 21:43 UTC (permalink / raw)
  To: rusty, dhowells; +Cc: linux-kernel, David Cohen

openssl may send garbage to stderr when generating X.509 key pair for
modules signature regardless there was an error or not. It makes more
difficult to create scripts based on kernel error/warning messages.
This patch makes sure openssl logs go to default stdout.

Signed-off-by: David Cohen <david.a.cohen@intel.com>
---
 kernel/Makefile |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/Makefile b/kernel/Makefile
index bbde5f1..5a51e6c 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -175,7 +175,7 @@ signing_key.priv signing_key.x509: x509.genkey
 	openssl req -new -nodes -utf8 -$(CONFIG_MODULE_SIG_HASH) -days 36500 \
 		-batch -x509 -config x509.genkey \
 		-outform DER -out signing_key.x509 \
-		-keyout signing_key.priv
+		-keyout signing_key.priv 2>&1
 	@echo "###"
 	@echo "### Key pair generated."
 	@echo "###"
-- 
1.7.10.4


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] MODSIGN: do not send garbage to stderr when enabling modules signature
  2013-04-08 21:43 [PATCH] MODSIGN: do not send garbage to stderr when enabling modules signature David Cohen
@ 2013-04-09  3:27 ` Rusty Russell
  2013-04-09 21:29   ` David Cohen
  0 siblings, 1 reply; 4+ messages in thread
From: Rusty Russell @ 2013-04-09  3:27 UTC (permalink / raw)
  To: David Cohen, dhowells; +Cc: linux-kernel, David Cohen

David Cohen <david.a.cohen@intel.com> writes:
> openssl may send garbage to stderr when generating X.509 key pair for
> modules signature regardless there was an error or not. It makes more
> difficult to create scripts based on kernel error/warning messages.
> This patch makes sure openssl logs go to default stdout.
>
> Signed-off-by: David Cohen <david.a.cohen@intel.com>

Can you please give an example of the "garbage" in your commit message,
or is it binary?

Thanks,
Rusty,.

> ---
>  kernel/Makefile |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/Makefile b/kernel/Makefile
> index bbde5f1..5a51e6c 100644
> --- a/kernel/Makefile
> +++ b/kernel/Makefile
> @@ -175,7 +175,7 @@ signing_key.priv signing_key.x509: x509.genkey
>  	openssl req -new -nodes -utf8 -$(CONFIG_MODULE_SIG_HASH) -days 36500 \
>  		-batch -x509 -config x509.genkey \
>  		-outform DER -out signing_key.x509 \
> -		-keyout signing_key.priv
> +		-keyout signing_key.priv 2>&1
>  	@echo "###"
>  	@echo "### Key pair generated."
>  	@echo "###"
> -- 
> 1.7.10.4

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] MODSIGN: do not send garbage to stderr when enabling modules signature
  2013-04-09  3:27 ` Rusty Russell
@ 2013-04-09 21:29   ` David Cohen
  0 siblings, 0 replies; 4+ messages in thread
From: David Cohen @ 2013-04-09 21:29 UTC (permalink / raw)
  To: Rusty Russell; +Cc: dhowells, linux-kernel, Gross, Mark

On 04/08/2013 08:27 PM, Rusty Russell wrote:
> David Cohen <david.a.cohen@intel.com> writes:
>> openssl may send garbage to stderr when generating X.509 key pair for
>> modules signature regardless there was an error or not. It makes more
>> difficult to create scripts based on kernel error/warning messages.
>> This patch makes sure openssl logs go to default stdout.
>>
>> Signed-off-by: David Cohen <david.a.cohen@intel.com>
> Can you please give an example of the "garbage" in your commit message,
> or is it binary?

I can write to commit message, it's not binary. I'll send a new patch.

The problem is openssl writes its logs to stderr.
Here's the example I'm going to write to commit message. I captured only 
stderr in this case:

crypto/anubis.c:581: warning: ‘inter’ is used uninitialized in this function
Generating a 4096 bit RSA private key
.........
drivers/gpu/drm/i915/i915_gem_gtt.c: In function ‘gen6_ggtt_insert_entries’:
drivers/gpu/drm/i915/i915_gem_gtt.c:440: warning: ‘addr’ may be used 
uninitialized in this function
.net/mac80211/tx.c: In function ‘ieee80211_subif_start_xmit’:
net/mac80211/tx.c:1780: warning: ‘chanctx_conf’ may be used 
uninitialized in this function
..drivers/isdn/hardware/mISDN/hfcpci.c: In function ‘hfcpci_softirq’:
.....drivers/isdn/hardware/mISDN/hfcpci.c:2298: warning: ignoring return 
value of ‘driver_for_each_device’, declared with attribute 
warn_unused_result
net/unix/af_unix.c: In function ‘unix_bind’:
net/unix/af_unix.c:892: warning: ‘path.dentry’ may be used uninitialized 
in this function
net/unix/af_unix.c:892: warning: ‘path.mnt’ may be used uninitialized in 
this function
...++
In file included from drivers/message/i2o/config-osm.c:39:
drivers/message/i2o/i2o_config.c: In function ‘i2o_cfg_passthru’:
drivers/message/i2o/i2o_config.c:888: warning: cast to pointer from 
integer of different size
drivers/message/i2o/i2o_config.c:943: warning: cast to pointer from 
integer of different size
drivers/net/ethernet/amd/nmclan_cs.c: In function ‘nmclan_config’:
drivers/net/ethernet/amd/nmclan_cs.c:625: warning: 
‘pcmcia_request_exclusive_irq’ is deprecated (declared at 
include/pcmcia/ds.h:201)
drivers/net/ethernet/mellanox/mlx4/mcg.c: In function ‘find_entry’:
.........................................................................................................................................................................................++
writing new private key to 'signing_key.priv'
-----
drivers/net/ethernet/mellanox/mlx4/mcg.c:601: warning: ‘hash’ may be 
used uninitialized in this function


The problem happens when we use high N value on make -jN. All warnings 
get mixed with dots and other outputs from openssl when printed during 
key pair generation.

Br, David


>
> Thanks,
> Rusty,.
>
>> ---
>>   kernel/Makefile |    2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/kernel/Makefile b/kernel/Makefile
>> index bbde5f1..5a51e6c 100644
>> --- a/kernel/Makefile
>> +++ b/kernel/Makefile
>> @@ -175,7 +175,7 @@ signing_key.priv signing_key.x509: x509.genkey
>>   	openssl req -new -nodes -utf8 -$(CONFIG_MODULE_SIG_HASH) -days 36500 \
>>   		-batch -x509 -config x509.genkey \
>>   		-outform DER -out signing_key.x509 \
>> -		-keyout signing_key.priv
>> +		-keyout signing_key.priv 2>&1
>>   	@echo "###"
>>   	@echo "### Key pair generated."
>>   	@echo "###"
>> -- 
>> 1.7.10.4


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH] MODSIGN: do not send garbage to stderr when enabling modules signature
@ 2013-04-10 10:32 Rusty Russell
  0 siblings, 0 replies; 4+ messages in thread
From: Rusty Russell @ 2013-04-10 10:32 UTC (permalink / raw)
  To: Linus Torvalds; +Cc: LKML, David Howells

From: David Cohen <david.a.cohen@intel.com>

When compiling kernel with -jN (N > 1), all warning/error messages
printed while openssl is generating key pair may get mixed dots and
other symbols openssl sends to stderr. This patch makes sure openssl
logs go to default stdout.

Example of the garbage on stderr:

crypto/anubis.c:581: warning: ‘inter’ is used uninitialized in this function
Generating a 4096 bit RSA private key
.........
drivers/gpu/drm/i915/i915_gem_gtt.c: In function ‘gen6_ggtt_insert_entries’:
drivers/gpu/drm/i915/i915_gem_gtt.c:440: warning: ‘addr’ may be used uninitialized in this function
.net/mac80211/tx.c: In function ‘ieee80211_subif_start_xmit’:
net/mac80211/tx.c:1780: warning: ‘chanctx_conf’ may be used uninitialized in this function
..drivers/isdn/hardware/mISDN/hfcpci.c: In function ‘hfcpci_softirq’:
.....drivers/isdn/hardware/mISDN/hfcpci.c:2298: warning: ignoring return value of ‘driver_for_each_device’, declared with attribute warn_unused_result

Signed-off-by: David Cohen <david.a.cohen@intel.com>
Reviewed-by: mark gross <mark.gross@intel.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
---
 kernel/Makefile |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/Makefile b/kernel/Makefile
index bbde5f1..5a51e6c 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -175,7 +175,7 @@ signing_key.priv signing_key.x509: x509.genkey
 	openssl req -new -nodes -utf8 -$(CONFIG_MODULE_SIG_HASH) -days 36500 \
 		-batch -x509 -config x509.genkey \
 		-outform DER -out signing_key.x509 \
-		-keyout signing_key.priv
+		-keyout signing_key.priv 2>&1
 	@echo "###"
 	@echo "### Key pair generated."
 	@echo "###"

^ permalink raw reply related	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2013-04-10 10:35 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-04-08 21:43 [PATCH] MODSIGN: do not send garbage to stderr when enabling modules signature David Cohen
2013-04-09  3:27 ` Rusty Russell
2013-04-09 21:29   ` David Cohen
2013-04-10 10:32 Rusty Russell

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).