| #!/bin/bash |
| |
| # Parse modules.order and sign the modules found in that file. |
| |
| if [ -z "$KDIR" ]; then |
| echo "Error: \$KDIR has not been set" |
| exit 1 |
| fi |
| |
| scst_dir=$(dirname "$(cd "$(dirname "$0")" && pwd)") |
| |
| if [ ! -e "${KDIR}/scripts/sign-file" ]; then |
| echo "Not signing modules because no sign-file executable" |
| exit |
| fi |
| |
| [ -e "${scst_dir}/scst/src/certs/scst_module_key.priv" ] || exit 0 |
| [ -e "${scst_dir}/scst/src/certs/scst_module_key.der" ] || exit 0 |
| |
| CONFIG_MODULE_SIG_HASH=$(sed -n 's/^CONFIG_MODULE_SIG_HASH="\([^"]*\)"$/\1/p' "${KDIR}/.config" | { read -r line; [ -n "$line" ] && echo "$line" || echo sha256; }) |
| |
| sed 's,^kernel/,,' < modules.order | \ |
| while read -r f; do |
| echo "Signing $f" |
| "${KDIR}/scripts/sign-file" "${CONFIG_MODULE_SIG_HASH}" "${scst_dir}/scst/src/certs/scst_module_key.priv" "${scst_dir}/scst/src/certs/scst_module_key.der" "$f" || exit $? |
| done |