From patchwork Mon Nov 18 15:39:17 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1196827 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47GtV95wgcz9sPj; Tue, 19 Nov 2019 02:41:37 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1iWj9g-0004sc-Rp; Mon, 18 Nov 2019 15:41:32 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1iWj9f-0004sW-VP for kernel-team@lists.ubuntu.com; Mon, 18 Nov 2019 15:41:31 +0000 Received: from mail-yw1-f72.google.com ([209.85.161.72]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1iWj9f-0004Ts-Nq for kernel-team@lists.ubuntu.com; Mon, 18 Nov 2019 15:41:31 +0000 Received: by mail-yw1-f72.google.com with SMTP id j134so12922879ywb.11 for ; Mon, 18 Nov 2019 07:41:31 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=6QOJjzm1TG6x+KCAWIiUo/61/u1pkYRUks2txARKUew=; b=r/56KiJDPC7yDPV4WmYWUljN/eihqwQh8dlZtTNnHVbX+PktdXCAisrHhLLixT9XWN FOu3praM/fkgkrqYnX8nBPD59MLbqC7WcFAdCtxFWFup+wy2UiMCRyBqKpea7wgTAUxb bvJshDNEYSe6TyM/HXT+ejuqGqpN8YyQaTQ0OpYJGcsgxShp3wsPLep4kOIIM3V7De0t JUL5eFejkGXYm/X3mkk8IccN7qFYCRyfblX/cfK5SH2lb4mwqwcHxpFLQvAfGfqENkGe FNjfCmQvacjpFghHE0xehjigNWm4hR35ZvIbtNHqTNyZF0dhxCmZbp7LxZA9oEYNX9+h RhBQ== X-Gm-Message-State: APjAAAVmOCz6B+/WdGNRTnLWc7Q5fithBo7U/5nVXew4fH7FTf2HJjFp KyngN7upinDQIabMjQGnxnWlKIBG9IzbvZEi26Oyuid/V9BvpiRxviktdBvPyngWOo9INgyAAH5 xAWZuiOep3KUk2B3oFipa4f80f9OwKBtDRcEye2FclA== X-Received: by 2002:a0d:db42:: with SMTP id d63mr12230649ywe.399.1574091690580; Mon, 18 Nov 2019 07:41:30 -0800 (PST) X-Google-Smtp-Source: APXvYqzmxCZrKG+nhP3i+XkKZPfp/k4DAdPd8QE38NPK7Zuelohvi9nhEaPETijqNxVgUk3CBRCpPw== X-Received: by 2002:a0d:db42:: with SMTP id d63mr12230629ywe.399.1574091690195; Mon, 18 Nov 2019 07:41:30 -0800 (PST) Received: from localhost ([136.37.150.243]) by smtp.gmail.com with ESMTPSA id 197sm7712710ywf.42.2019.11.18.07.41.29 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Nov 2019 07:41:29 -0800 (PST) From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH][SRU][E/Unstable] UBUNTU: [Packaging] Fix module signing with older modinfo Date: Mon, 18 Nov 2019 09:39:17 -0600 Message-Id: <20191118153917.691813-1-seth.forshee@canonical.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" BugLink: https://bugs.launchpad.net/bugs/1852581 Not all versions of modinfo support the signer field; specifically, the version in boinic does not. This leaves all modules unsigned in hwe kernels based on eoan and later. Change the check to look for the magic string at the end of the module, which does not rely on any external tools being aware of module signatures. Signed-off-by: Seth Forshee Acked-by: Thadeu Lima de Souza Cascardo Acked-by: Kleber Sacilotto de Souza --- debian/rules.d/2-binary-arch.mk | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/debian/rules.d/2-binary-arch.mk b/debian/rules.d/2-binary-arch.mk index 050f867060cb..070478e010f7 100644 --- a/debian/rules.d/2-binary-arch.mk +++ b/debian/rules.d/2-binary-arch.mk @@ -413,12 +413,12 @@ ifneq ($(skipdbg),true) -name '*.ko' | while read path_module ; do \ module="/lib/modules/$${path_module#*/lib/modules/}"; \ if [[ -f "$(dbgpkgdir)/usr/lib/debug/$$module" ]] ; then \ - signer=$$(/sbin/modinfo -F signer "$$path_module"); \ + signature=$$(tail -c 28 "$$path_module"); \ $(CROSS_COMPILE)objcopy \ --add-gnu-debuglink=$(dbgpkgdir)/usr/lib/debug/$$module \ $$path_module; \ if grep -q CONFIG_MODULE_SIG=y $(builddir)/build-$*/.config && \ - [ -n "$$signer" ]; then \ + [ "$$signature" = "~Module signature appended~" ]; then \ $(builddir)/build-$*/scripts/sign-file $(MODHASHALGO) \ $(MODSECKEY) \ $(MODPUBKEY) \