linux/certs
Masahiro Yamada 27b5b22d25 certs: fix and refactor CONFIG_SYSTEM_BLACKLIST_HASH_LIST build
Commit addf466389 ("certs: Check that builtin blacklist hashes are
valid") was applied 8 months after the submission.

In the meantime, the base code had been removed by commit b8c96a6b46
("certs: simplify $(srctree)/ handling and remove config_filename
macro").

Fix the Makefile.

Create a local copy of $(CONFIG_SYSTEM_BLACKLIST_HASH_LIST). It is
included from certs/blacklist_hashes.c and also works as a timestamp.

Send error messages from check-blacklist-hashes.awk to stderr instead
of stdout.

Fixes: addf466389 ("certs: Check that builtin blacklist hashes are valid")
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Reviewed-by: Mickaël Salaün <mic@linux.microsoft.com>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
2022-06-15 21:52:32 +03:00
..
.gitignore certs: fix and refactor CONFIG_SYSTEM_BLACKLIST_HASH_LIST build 2022-06-15 21:52:32 +03:00
blacklist_hashes.c certs: fix and refactor CONFIG_SYSTEM_BLACKLIST_HASH_LIST build 2022-06-15 21:52:32 +03:00
blacklist_nohashes.c certs/blacklist_nohashes.c: fix const confusion in certs blacklist 2018-02-21 15:35:43 -08:00
blacklist.c certs: Explain the rationale to call panic() 2022-05-23 18:47:49 +03:00
blacklist.h certs: Add EFI_CERT_X509_GUID support for dbx entries 2021-03-11 16:31:28 +00:00
common.c certs: Move load_system_certificate_list to a common function 2021-03-11 16:32:38 +00:00
common.h certs: Move load_system_certificate_list to a common function 2021-03-11 16:32:38 +00:00
default_x509.genkey certs: check-in the default x509 config file 2021-12-11 22:09:14 +09:00
extract-cert.c cert host tools: Stop complaining about deprecated OpenSSL functions 2022-06-08 13:18:39 -07:00
Kconfig certs: Allow root user to append signed hashes to the blacklist keyring 2022-05-23 18:47:49 +03:00
Makefile certs: fix and refactor CONFIG_SYSTEM_BLACKLIST_HASH_LIST build 2022-06-15 21:52:32 +03:00
revocation_certificates.S certs: Add ability to preload revocation certs 2021-03-11 16:33:49 +00:00
system_certificates.S certs: include certs/signing_key.x509 unconditionally 2022-03-03 08:16:19 +09:00
system_keyring.c KEYS: Introduce link restriction for machine keys 2022-03-08 13:55:52 +02:00