• David Woodhouse's avatar
    modsign: Use single PEM file for autogenerated key · fb117949
    David Woodhouse authored
    The current rule for generating signing_key.priv and signing_key.x509 is
    a classic example of a bad rule which has a tendency to break parallel
    make. When invoked to create *either* target, it generates the other
    target as a side-effect that make didn't predict.
    So let's switch to using a single file signing_key.pem which contains
    both key and certificate. That matches what we do in the case of an
    external key specified by CONFIG_MODULE_SIG_KEY anyway, so it's also
    slightly cleaner.
    Signed-off-by: default avatarDavid Woodhouse <David.Woodhouse@intel.com>
    Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
module-signing.txt 9.9 KB