Skip to content

Commit

Permalink
bin2c: move bin2c in scripts/basic
Browse files Browse the repository at this point in the history
This patch series does not do kernel signature verification yet.  I plan
to post another patch series for that.  Now distributions are already
signing PE/COFF bzImage with PKCS7 signature I plan to parse and verify
those signatures.

Primary goal of this patchset is to prepare groundwork so that kernel
image can be signed and signatures be verified during kexec load.  This
should help with two things.

- It should allow kexec/kdump on secureboot enabled machines.

- In general it can help even without secureboot. By being able to verify
  kernel image signature in kexec, it should help with avoiding module
  signing restrictions. Matthew Garret showed how to boot into a custom
  kernel, modify first kernel's memory and then jump back to old kernel and
  bypass any policy one wants to.

This patch (of 15):

Kexec wants to use bin2c and it wants to use it really early in the build
process. See arch/x86/purgatory/ code in later patches.

So move bin2c in scripts/basic so that it can be built very early and
be usable by arch/x86/purgatory/

Signed-off-by: Vivek Goyal <[email protected]>
Cc: Borislav Petkov <[email protected]>
Cc: Michael Kerrisk <[email protected]>
Cc: Yinghai Lu <[email protected]>
Cc: Eric Biederman <[email protected]>
Cc: H. Peter Anvin <[email protected]>
Cc: Matthew Garrett <[email protected]>
Cc: Greg Kroah-Hartman <[email protected]>
Cc: Dave Young <[email protected]>
Cc: WANG Chao <[email protected]>
Cc: Baoquan He <[email protected]>
Cc: Andy Lutomirski <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
  • Loading branch information
rhvgoyal authored and torvalds committed Aug 8, 2014
1 parent 05f65b5 commit 8370ede
Show file tree
Hide file tree
Showing 6 changed files with 6 additions and 7 deletions.
2 changes: 1 addition & 1 deletion kernel/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,7 @@ targets += config_data.gz
$(obj)/config_data.gz: $(KCONFIG_CONFIG) FORCE
$(call if_changed,gzip)

filechk_ikconfiggz = (echo "static const char kernel_config_data[] __used = MAGIC_START"; cat $< | scripts/bin2c; echo "MAGIC_END;")
filechk_ikconfiggz = (echo "static const char kernel_config_data[] __used = MAGIC_START"; cat $< | scripts/basic/bin2c; echo "MAGIC_END;")
targets += config_data.h
$(obj)/config_data.h: $(obj)/config_data.gz FORCE
$(call filechk,ikconfiggz)
Expand Down
1 change: 0 additions & 1 deletion scripts/.gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@
conmakehash
kallsyms
pnmtologo
bin2c
unifdef
ihex2fw
recordmcount
Expand Down
1 change: 0 additions & 1 deletion scripts/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,6 @@ HOST_EXTRACFLAGS += -I$(srctree)/tools/include
hostprogs-$(CONFIG_KALLSYMS) += kallsyms
hostprogs-$(CONFIG_LOGO) += pnmtologo
hostprogs-$(CONFIG_VT) += conmakehash
hostprogs-$(CONFIG_IKCONFIG) += bin2c
hostprogs-$(BUILD_C_RECORDMCOUNT) += recordmcount
hostprogs-$(CONFIG_BUILDTIME_EXTABLE_SORT) += sortextable
hostprogs-$(CONFIG_ASN1) += asn1_compiler
Expand Down
1 change: 1 addition & 0 deletions scripts/basic/.gitignore
Original file line number Diff line number Diff line change
@@ -1 +1,2 @@
fixdep
bin2c
1 change: 1 addition & 0 deletions scripts/basic/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
# fixdep: Used to generate dependency information during build process

hostprogs-y := fixdep
hostprogs-$(CONFIG_IKCONFIG) += bin2c
always := $(hostprogs-y)

# fixdep is needed to compile other host programs
Expand Down
7 changes: 3 additions & 4 deletions scripts/bin2c.c → scripts/basic/bin2c.c
Original file line number Diff line number Diff line change
Expand Up @@ -11,18 +11,17 @@

int main(int argc, char *argv[])
{
int ch, total=0;
int ch, total = 0;

if (argc > 1)
printf("const char %s[] %s=\n",
argv[1], argc > 2 ? argv[2] : "");

do {
printf("\t\"");
while ((ch = getchar()) != EOF)
{
while ((ch = getchar()) != EOF) {
total++;
printf("\\x%02x",ch);
printf("\\x%02x", ch);
if (total % 16 == 0)
break;
}
Expand Down

0 comments on commit 8370ede

Please sign in to comment.