From: Shreenidhi Shedi <yesshedi@gmail.com>
To: dhowells@redhat.com, dwmw2@infradead.org,
gregkh@linuxfoundation.org, masahiroy@kernel.org,
nathan@kernel.org, ndesaulniers@google.com, nicolas@fjasle.eu
Cc: yesshedi@gmail.com, linux-kernel@vger.kernel.org,
sshedi@vmware.com, linux-kbuild@vger.kernel.org
Subject: [PATCH v9 2/7] sign-file: inntroduce few new flags to make argument processing easy.
Date: Wed, 9 Aug 2023 22:52:05 +0530 [thread overview]
Message-ID: <20230809172211.343677-3-yesshedi@gmail.com> (raw)
In-Reply-To: <20230809172211.343677-1-yesshedi@gmail.com>
- Add some more options like help, x509, hashalgo to command line args
- This makes it easy to handle and use command line args wherever needed
Signed-off-by: Shreenidhi Shedi <yesshedi@gmail.com>
---
scripts/Makefile.modinst | 4 ++-
scripts/sign-file.c | 63 ++++++++++++++++++++++++++++------------
2 files changed, 48 insertions(+), 19 deletions(-)
diff --git a/scripts/Makefile.modinst b/scripts/Makefile.modinst
index ab0c5bd1a60f..e94ac9afe17a 100644
--- a/scripts/Makefile.modinst
+++ b/scripts/Makefile.modinst
@@ -72,7 +72,9 @@ else
sig-key := $(CONFIG_MODULE_SIG_KEY)
endif
quiet_cmd_sign = SIGN $@
- cmd_sign = scripts/sign-file $(CONFIG_MODULE_SIG_HASH) "$(sig-key)" certs/signing_key.x509 $@ \
+ cmd_sign = scripts/sign-file -a "$(CONFIG_MODULE_SIG_HASH)" \
+ -i "$(sig-key)" \
+ -x certs/signing_key.x509 $@ \
$(if $(KBUILD_EXTMOD),|| true)
else
quiet_cmd_sign :=
diff --git a/scripts/sign-file.c b/scripts/sign-file.c
index 94228865b6cc..b0f340ea629b 100644
--- a/scripts/sign-file.c
+++ b/scripts/sign-file.c
@@ -215,6 +215,11 @@ static X509 *read_x509(const char *x509_name)
struct cmd_opts {
char *raw_sig_name;
+ char *hash_algo;
+ char *dest_name;
+ char *private_key_name;
+ char *x509_name;
+ char *module_name;
bool save_sig;
bool replace_orig;
bool raw_sig;
@@ -233,6 +238,12 @@ static void parse_args(int argc, char **argv, struct cmd_opts *opts)
#ifndef USE_PKCS7
{"usekeyid", no_argument, 0, 'k'},
#endif
+ {"help", no_argument, 0, 'h'},
+ {"privkey", required_argument, 0, 'i'},
+ {"hashalgo", required_argument, 0, 'a'},
+ {"x509", required_argument, 0, 'x'},
+ {"dest", required_argument, 0, 'd'},
+ {"replaceorig", required_argument, 0, 'r'},
{0, 0, 0, 0}
};
@@ -241,10 +252,10 @@ static void parse_args(int argc, char **argv, struct cmd_opts *opts)
do {
#ifndef USE_PKCS7
- opt = getopt_long_only(argc, argv, "pds:",
+ opt = getopt_long_only(argc, argv, "hpds:i:a:x:t:r:",
cmd_options, &opt_index);
#else
- opt = getopt_long_only(argc, argv, "pdks:",
+ opt = getopt_long_only(argc, argv, "hpdks:i:a:x:t:r:",
cmd_options, &opt_index);
#endif
switch (opt) {
@@ -268,6 +279,30 @@ static void parse_args(int argc, char **argv, struct cmd_opts *opts)
break;
#endif
+ case 'h':
+ format();
+ break;
+
+ case 'i':
+ opts->private_key_name = optarg;
+ break;
+
+ case 'a':
+ opts->hash_algo = optarg;
+ break;
+
+ case 'x':
+ opts->x509_name = optarg;
+ break;
+
+ case 't':
+ opts->dest_name = optarg;
+ break;
+
+ case 'r':
+ opts->replace_orig = true;
+ break;
+
case -1:
break;
@@ -281,9 +316,6 @@ static void parse_args(int argc, char **argv, struct cmd_opts *opts)
int main(int argc, char **argv)
{
struct module_signature sig_info = { .id_type = PKEY_ID_PKCS7 };
- char *hash_algo = NULL;
- char *private_key_name = NULL;
- char *x509_name, *module_name, *dest_name;
unsigned char buf[4096];
unsigned long module_size, sig_size;
unsigned int use_signed_attrs;
@@ -315,32 +347,27 @@ int main(int argc, char **argv)
argv += optind;
const char *raw_sig_name = opts.raw_sig_name;
+ const char *hash_algo = opts.hash_algo;
+ const char *private_key_name = opts.private_key_name;
+ const char *x509_name = opts.x509_name;
+ const char *module_name = opts.module_name;
const bool save_sig = opts.save_sig;
const bool raw_sig = opts.raw_sig;
const bool sign_only = opts.sign_only;
bool replace_orig = opts.replace_orig;
+ char *dest_name = opts.dest_name;
#ifndef USE_PKCS7
const unsigned int use_keyid = opts.use_keyid;
#endif
- if (argc < 4 || argc > 5)
+ if (!argv[0] || argc != 1)
format();
- if (raw_sig) {
- raw_sig_name = argv[0];
- hash_algo = argv[1];
- } else {
- hash_algo = argv[0];
- private_key_name = argv[1];
- }
- x509_name = argv[2];
- module_name = argv[3];
- if (argc == 5 && strcmp(argv[3], argv[4]) != 0) {
- dest_name = argv[4];
+ if (dest_name && strcmp(argv[0], dest_name)) {
replace_orig = false;
} else {
ERR(asprintf(&dest_name, "%s.~signed~", module_name) < 0,
- "asprintf");
+ "asprintf");
replace_orig = true;
}
--
2.41.0
next prev parent reply other threads:[~2023-08-09 17:22 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-09 17:22 [PATCH v9 0/7] refactor file signing program Shreenidhi Shedi
2023-08-09 17:22 ` [PATCH v9 1/7] sign-file: use getopt_long_only for parsing input args Shreenidhi Shedi
2023-08-10 5:47 ` Greg KH
2023-08-09 17:22 ` Shreenidhi Shedi [this message]
2023-08-10 5:48 ` [PATCH v9 2/7] sign-file: inntroduce few new flags to make argument processing easy Greg KH
2023-08-10 5:49 ` Greg KH
2023-08-09 17:22 ` [PATCH v9 3/7] sign-file: move file signing logic to its own function Shreenidhi Shedi
2023-08-10 5:50 ` Greg KH
2023-08-09 17:22 ` [PATCH v9 4/7] sign-file: add support to sign modules in bulk Shreenidhi Shedi
2023-08-10 5:50 ` Greg KH
2023-08-13 12:26 ` Masahiro Yamada
2023-08-09 17:22 ` [PATCH v9 5/7] sign-file: improve help message Shreenidhi Shedi
2023-08-10 6:18 ` Greg KH
2023-08-09 17:22 ` [PATCH v9 6/7] sign-file: use const with a global string constant Shreenidhi Shedi
2023-08-09 17:22 ` [PATCH v9 7/7] sign-file: fix do while styling issue Shreenidhi Shedi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230809172211.343677-3-yesshedi@gmail.com \
--to=yesshedi@gmail.com \
--cc=dhowells@redhat.com \
--cc=dwmw2@infradead.org \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=masahiroy@kernel.org \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=nicolas@fjasle.eu \
--cc=sshedi@vmware.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.