summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2016-05-19 11:36:26 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2016-05-19 11:36:26 -0700
commitec67b14c1be4ebe4cf08f06746a8d0313ab85432 (patch)
tree8eb036b8f9174a0b2c9bc14700845a977c5788db
parent7beaa24ba49717419e24d1f6321e8b3c265a719c (diff)
parent5bcba792bb304e8341217d759ec486969a3b4258 (diff)
Merge tag 'localmodconfig-v4.7' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-kconfig
Pull localmodconfig updates from Steven Rostedt. "Benjamin Poirier added some minor fixes and clean ups to localmodconfig. One is a fix for making sure that module signing still works when coming from a different environment. If original keys are not found it will warn and reset the keys to their default value" * tag 'localmodconfig-v4.7' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-kconfig: localmodconfig: Fix whitespace repeat count after "tristate" localmodconfig: Reset certificate paths localmodconfig: Add missing $ to reference a variable localmodconfig: Fix parsing of "help" text localmodconfig: Recognize more keywords that end a menu entry localmodconfig: Fix parsing of Kconfig "source" statements
-rwxr-xr-xscripts/kconfig/streamline_config.pl44
1 files changed, 39 insertions, 5 deletions
diff --git a/scripts/kconfig/streamline_config.pl b/scripts/kconfig/streamline_config.pl
index f3d3fb42b873..b8c7b29affc5 100755
--- a/scripts/kconfig/streamline_config.pl
+++ b/scripts/kconfig/streamline_config.pl
@@ -188,7 +188,7 @@ sub read_kconfig {
$cont = 0;
# collect any Kconfig sources
- if (/^source\s*"(.*)"/) {
+ if (/^source\s+"?([^"]+)/) {
my $kconfig = $1;
# prevent reading twice.
if (!defined($read_kconfigs{$kconfig})) {
@@ -237,7 +237,7 @@ sub read_kconfig {
}
# configs without prompts must be selected
- } elsif ($state ne "NONE" && /^\s*tristate\s\S/) {
+ } elsif ($state ne "NONE" && /^\s*(tristate\s+\S|prompt\b)/) {
# note if the config has a prompt
$prompts{$config} = 1;
@@ -256,8 +256,8 @@ sub read_kconfig {
$iflevel-- if ($iflevel);
- # stop on "help"
- } elsif (/^\s*help\s*$/) {
+ # stop on "help" and keywords that end a menu entry
+ } elsif (/^\s*(---)?help(---)?\s*$/ || /^(comment|choice|menu)\b/) {
$state = "NONE";
}
}
@@ -454,7 +454,7 @@ sub parse_config_depends
$p =~ s/^[^$valid]*[$valid]+//;
# We only need to process if the depend config is a module
- if (!defined($orig_configs{$conf}) || !$orig_configs{conf} eq "m") {
+ if (!defined($orig_configs{$conf}) || $orig_configs{$conf} eq "y") {
next;
}
@@ -610,6 +610,40 @@ foreach my $line (@config_file) {
next;
}
+ if (/CONFIG_MODULE_SIG_KEY="(.+)"/) {
+ my $orig_cert = $1;
+ my $default_cert = "certs/signing_key.pem";
+
+ # Check that the logic in this script still matches the one in Kconfig
+ if (!defined($depends{"MODULE_SIG_KEY"}) ||
+ $depends{"MODULE_SIG_KEY"} !~ /"\Q$default_cert\E"/) {
+ print STDERR "WARNING: MODULE_SIG_KEY assertion failure, ",
+ "update needed to ", __FILE__, " line ", __LINE__, "\n";
+ print;
+ } elsif ($orig_cert ne $default_cert && ! -f $orig_cert) {
+ print STDERR "Module signature verification enabled but ",
+ "module signing key \"$orig_cert\" not found. Resetting ",
+ "signing key to default value.\n";
+ print "CONFIG_MODULE_SIG_KEY=\"$default_cert\"\n";
+ } else {
+ print;
+ }
+ next;
+ }
+
+ if (/CONFIG_SYSTEM_TRUSTED_KEYS="(.+)"/) {
+ my $orig_keys = $1;
+
+ if (! -f $orig_keys) {
+ print STDERR "System keyring enabled but keys \"$orig_keys\" ",
+ "not found. Resetting keys to default value.\n";
+ print "CONFIG_SYSTEM_TRUSTED_KEYS=\"\"\n";
+ } else {
+ print;
+ }
+ next;
+ }
+
if (/^(CONFIG.*)=(m|y)/) {
if (defined($configs{$1})) {
if ($localyesconfig) {