sign-file: use 'struct module_signature' from the UAPI headers

Now that the UAPI headers provide the required definitions, use those.
Some symbols have been renamed, adapt to those.

Also adapt the include path for the custom sign-file rule in the
bpf selftests.

Signed-off-by: Thomas Weißschuh <thomas.weissschuh@linutronix.de>
Reviewed-by: Petr Pavlu <petr.pavlu@suse.com>
Reviewed-by: Nicolas Schier <nsc@kernel.org>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>

diff --git a/scripts/Makefile b/scripts/Makefile
index 0941e5ce7b575f0f43929777eae814b012e90710..3434a82a119f090864ecb7c6444053d84f54461e 100644 (file)
--- a/scripts/Makefile
+++ b/scripts/Makefile
@@ -35,6 +35,7 @@ HOSTCFLAGS_sorttable.o = -I$(srctree)/tools/include
 HOSTLDLIBS_sorttable = -lpthread
 HOSTCFLAGS_asn1_compiler.o = -I$(srctree)/include
 HOSTCFLAGS_sign-file.o = $(shell $(HOSTPKG_CONFIG) --cflags libcrypto 2> /dev/null)
+HOSTCFLAGS_sign-file.o += -I$(srctree)/tools/include/uapi/
 HOSTLDLIBS_sign-file = $(shell $(HOSTPKG_CONFIG) --libs libcrypto 2> /dev/null || echo -lcrypto)
 
 ifdef CONFIG_UNWINDER_ORC

diff --git a/scripts/sign-file.c b/scripts/sign-file.c
index 73fbefd2e540189072a87a11921fc61148bebbfb..86b010ac15149c1a8174a3d635783ac70376f1dc 100644 (file)
--- a/scripts/sign-file.c
+++ b/scripts/sign-file.c
@@ -40,19 +40,7 @@
 #endif
 #include "ssl-common.h"
 
-struct module_signature {
-       uint8_t         algo;           /* Public-key crypto algorithm [0] */
-       uint8_t         hash;           /* Digest algorithm [0] */
-       uint8_t         id_type;        /* Key identifier type [PKEY_ID_PKCS7] */
-       uint8_t         signer_len;     /* Length of signer's name [0] */
-       uint8_t         key_id_len;     /* Length of key identifier [0] */
-       uint8_t         __pad[3];
-       uint32_t        sig_len;        /* Length of signature data */
-};
-
-#define PKEY_ID_PKCS7 2
-
-static char magic_number[] = "~Module signature appended~\n";
+#include <linux/module_signature.h>
 
 static __attribute__((noreturn))
 void format(void)
@@ -197,7 +185,7 @@ static X509 *read_x509(const char *x509_name)
 
 int main(int argc, char **argv)
 {
-       struct module_signature sig_info = { .id_type = PKEY_ID_PKCS7 };
+       struct module_signature sig_info = { .id_type = MODULE_SIGNATURE_TYPE_PKCS7 };
        char *hash_algo = NULL;
        char *private_key_name = NULL, *raw_sig_name = NULL;
        char *x509_name, *module_name, *dest_name;
@@ -357,7 +345,8 @@ int main(int argc, char **argv)
        sig_size = BIO_number_written(bd) - module_size;
        sig_info.sig_len = htonl(sig_size);
        ERR(BIO_write(bd, &sig_info, sizeof(sig_info)) < 0, "%s", dest_name);
-       ERR(BIO_write(bd, magic_number, sizeof(magic_number) - 1) < 0, "%s", dest_name);
+       ERR(BIO_write(bd, MODULE_SIGNATURE_MARKER, sizeof(MODULE_SIGNATURE_MARKER) - 1) < 0,
+           "%s", dest_name);
 
        ERR(BIO_free(bd) != 1, "%s", dest_name);
 

diff --git a/tools/testing/selftests/bpf/Makefile b/tools/testing/selftests/bpf/Makefile
index d5acbeba03838f74103724d780c5634d0d2c4793..de3bdbab768bf3328c279dedce682388ac5ffbad 100644 (file)
--- a/tools/testing/selftests/bpf/Makefile
+++ b/tools/testing/selftests/bpf/Makefile
@@ -274,6 +274,7 @@ $(OUTPUT)/urandom_read: urandom_read.c urandom_read_aux.c $(OUTPUT)/liburandom_r
 $(OUTPUT)/sign-file: ../../../../scripts/sign-file.c
        $(call msg,SIGN-FILE,,$@)
        $(Q)$(CC) $(shell $(PKG_CONFIG) --cflags libcrypto 2> /dev/null) \
+                 -I$(srctree)/tools/include/uapi/ \
                  $< -o $@ \
                  $(shell $(PKG_CONFIG) --libs libcrypto 2> /dev/null || echo -lcrypto)