Re: [PATCH v7 2/8] sign-file: inntroduce few new flags to make argument processing easy.

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Shreenidhi Shedi <yesshedi@gmail.com>
To: Masahiro Yamada <masahiroy@kernel.org>
Cc: dhowells@redhat.com, dwmw2@infradead.org,
	gregkh@linuxfoundation.org, nathan@kernel.org,
	ndesaulniers@google.com, nicolas@fjasle.eu,
	linux-kernel@vger.kernel.org, sshedi@vmware.com
Subject: Re: [PATCH v7 2/8] sign-file: inntroduce few new flags to make argument processing easy.
Date: Mon, 7 Aug 2023 13:27:45 +0530	[thread overview]
Message-ID: <a9cbd99b-b5ce-4666-a08a-5586af3158c7@gmail.com> (raw)
In-Reply-To: <CAK7LNATPVv99Vzxt2M=FO6OOaBvs+DyZS2rni+-DLEPbAGGoFQ@mail.gmail.com>

On 07/08/23 08:05, Masahiro Yamada wrote:
> On Fri, Jun 23, 2023 at 11:54 PM Shreenidhi Shedi <yesshedi@gmail.com> wrote:
>>
>> - Add some more options like help, x509, hashalgo to command line args
>> - This makes it easy to handle and use command line args wherever needed
>>
>> Signed-off-by: Shreenidhi Shedi <yesshedi@gmail.com>
>> ---
>>   scripts/sign-file.c | 63 ++++++++++++++++++++++++++++++++-------------
>>   1 file changed, 45 insertions(+), 18 deletions(-)
>>
>> diff --git a/scripts/sign-file.c b/scripts/sign-file.c
>> index 94228865b6cc..b0f340ea629b 100644
>> --- a/scripts/sign-file.c
>> +++ b/scripts/sign-file.c
>> @@ -215,6 +215,11 @@ static X509 *read_x509(const char *x509_name)
>>
>>   struct cmd_opts {
>>          char *raw_sig_name;
>> +       char *hash_algo;
>> +       char *dest_name;
>> +       char *private_key_name;
>> +       char *x509_name;
>> +       char *module_name;
>>          bool save_sig;
>>          bool replace_orig;
>>          bool raw_sig;
>> @@ -233,6 +238,12 @@ static void parse_args(int argc, char **argv, struct cmd_opts *opts)
>>   #ifndef USE_PKCS7
>>                  {"usekeyid",    no_argument,        0,  'k'},
>>   #endif
>> +               {"help",        no_argument,        0,  'h'},
>> +               {"privkey",     required_argument,  0,  'i'},
>> +               {"hashalgo",    required_argument,  0,  'a'},
>> +               {"x509",        required_argument,  0,  'x'},
>> +               {"dest",        required_argument,  0,  'd'},
>> +               {"replaceorig", required_argument,  0,  'r'},
>>                  {0, 0, 0, 0}
>>          };
>>
>> @@ -241,10 +252,10 @@ static void parse_args(int argc, char **argv, struct cmd_opts *opts)
>>
>>          do {
>>   #ifndef USE_PKCS7
>> -               opt = getopt_long_only(argc, argv, "pds:",
>> +               opt = getopt_long_only(argc, argv, "hpds:i:a:x:t:r:",
>>                                  cmd_options, &opt_index);
>>   #else
>> -               opt = getopt_long_only(argc, argv, "pdks:",
>> +               opt = getopt_long_only(argc, argv, "hpdks:i:a:x:t:r:",
>>                                  cmd_options, &opt_index);
>>   #endif
>>                  switch (opt) {
>> @@ -268,6 +279,30 @@ static void parse_args(int argc, char **argv, struct cmd_opts *opts)
>>                          break;
>>   #endif
>>
>> +               case 'h':
>> +                       format();
>> +                       break;
>> +
>> +               case 'i':
>> +                       opts->private_key_name = optarg;
>> +                       break;
>> +
>> +               case 'a':
>> +                       opts->hash_algo = optarg;
>> +                       break;
>> +
>> +               case 'x':
>> +                       opts->x509_name = optarg;
>> +                       break;
>> +
>> +               case 't':
>> +                       opts->dest_name = optarg;
>> +                       break;
>> +
>> +               case 'r':
>> +                       opts->replace_orig = true;
>> +                       break;
>> +
>>                  case -1:
>>                          break;
>>
>> @@ -281,9 +316,6 @@ static void parse_args(int argc, char **argv, struct cmd_opts *opts)
>>   int main(int argc, char **argv)
>>   {
>>          struct module_signature sig_info = { .id_type = PKEY_ID_PKCS7 };
>> -       char *hash_algo = NULL;
>> -       char *private_key_name = NULL;
>> -       char *x509_name, *module_name, *dest_name;
>>          unsigned char buf[4096];
>>          unsigned long module_size, sig_size;
>>          unsigned int use_signed_attrs;
>> @@ -315,32 +347,27 @@ int main(int argc, char **argv)
>>          argv += optind;
>>
>>          const char *raw_sig_name = opts.raw_sig_name;
>> +       const char *hash_algo = opts.hash_algo;
>> +       const char *private_key_name = opts.private_key_name;
>> +       const char *x509_name = opts.x509_name;
>> +       const char *module_name = opts.module_name;
>>          const bool save_sig = opts.save_sig;
>>          const bool raw_sig = opts.raw_sig;
>>          const bool sign_only = opts.sign_only;
>>          bool replace_orig = opts.replace_orig;
>> +       char *dest_name = opts.dest_name;
>>   #ifndef USE_PKCS7
>>          const unsigned int use_keyid = opts.use_keyid;
>>   #endif
>>
>> -       if (argc < 4 || argc > 5)
>> +       if (!argv[0] || argc != 1)
>>                  format();
> 
> 
> 
> You are breaking the bisect'ability.
> 
> You are turning the positional parameters into options
> but not adjusting scripts/Makefile.modinst in the same commit.
> 
> 
> 
> 
> 
> masahiro@oscar:~/ref/linux((HEAD detached at 41cb7c94595d))$ make
> INSTALL_MOD_PATH=/tmp/modules  modules_install
>    INSTALL /tmp/modules/lib/modules/6.5.0-rc4+/kernel/arch/x86/events/amd/power.ko
>    SIGN    /tmp/modules/lib/modules/6.5.0-rc4+/kernel/arch/x86/events/amd/power.ko
> Usage: scripts/sign-file [OPTIONS]... [MODULE]...
> Available options:
> -h, --help             Print this help message and exit
> 
> Optional args:
> -s, --rawsig <sig>     Raw signature
> -p, --savesig          Save signature
> -d, --signonly         Sign only
> -k, --usekeyid         Use key ID
> -b, --bulksign         Sign modules in bulk
> -r, --replaceorig      Replace original
> -t, --dest <dest>      Destination path (Exclusive with bulk option)
> 
> Mandatory args:
> -i, --privkey <key>    Private key
> -a, --hashalgo <alg>   Hash algorithm
> -x, --x509 <x509>      X509
> 
> Examples:
> 
>      Regular signing:
>       scripts/sign-file -a sha512 -i certs/signing_key.pem -x
> certs/signing_key.x509 <module>
> 
>      Signing with destination path:
>       scripts/sign-file -a sha512 -i certs/signing_key.pem -x
> certs/signing_key.x509 <module> -t <path>
> 
>      Signing modules in bulk:
>       scripts/sign-file -a sha512 -i certs/signing_key.pem -x
> certs/signing_key.x509 -b <module1> <module2> ...
> make[2]: *** [scripts/Makefile.modinst:87:
> /tmp/modules/lib/modules/6.5.0-rc4+/kernel/arch/x86/events/amd/power.ko]
> Error 2
> make[2]: *** Deleting file
> '/tmp/modules/lib/modules/6.5.0-rc4+/kernel/arch/x86/events/amd/power.ko'
> make[1]: *** [/home/masahiro/ref/linux/Makefile:1964: modules_install] Error 2
> make: *** [Makefile:234: __sub-make] Error 2
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> --
> Best Regards
> Masahiro Yamada

Hi Masahiro Yamada,

Thanks for the review. I will fix this. It's hard to keep the commits 
small and not breaking the bisect during code refactoring. In this case 
it's not a problem. Thanks for this input.

-- 
Shedi

next prev parent reply	other threads:[~2023-08-07  7:57 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-06-23 14:53 [PATCH v7 0/8] refactor file signing program Shreenidhi Shedi
2023-06-23 14:53 ` [PATCH v7 1/8] sign-file: use getopt_long_only for parsing input args Shreenidhi Shedi
2023-06-23 14:53 ` [PATCH v7 2/8] sign-file: inntroduce few new flags to make argument processing easy Shreenidhi Shedi
2023-08-07  2:35   ` Masahiro Yamada
2023-08-07  7:57     ` Shreenidhi Shedi [this message]
2023-06-23 14:53 ` [PATCH v7 3/8] sign-file: move file signing logic to its own function Shreenidhi Shedi
2023-06-23 14:53 ` [PATCH v7 4/8] sign-file: add support to sign modules in bulk Shreenidhi Shedi
2023-06-23 14:53 ` [PATCH v7 5/8] sign-file: improve help message Shreenidhi Shedi
2023-06-23 14:53 ` [PATCH v7 6/8] sign-file: use const with a global string constant Shreenidhi Shedi
2023-06-23 14:53 ` [PATCH v7 7/8] sign-file: fix do while styling issue Shreenidhi Shedi
2023-06-23 14:53 ` [PATCH v7 8/8] kbuild: modinst: do modules_install step by step Shreenidhi Shedi
2023-08-04 14:06   ` Greg KH
2023-08-05 19:00     ` Shreenidhi Shedi
2023-08-06  6:45       ` Greg KH
2023-08-07 11:18         ` Shreenidhi Shedi
2023-08-06 19:32   ` Masahiro Yamada
2023-08-07  8:08     ` Shreenidhi Shedi
2023-08-07 18:44       ` Masahiro Yamada
2023-08-09 17:27         ` Shreenidhi Shedi

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=a9cbd99b-b5ce-4666-a08a-5586af3158c7@gmail.com \
    --to=yesshedi@gmail.com \
    --cc=dhowells@redhat.com \
    --cc=dwmw2@infradead.org \
    --cc=gregkh@linuxfoundation.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=masahiroy@kernel.org \
    --cc=nathan@kernel.org \
    --cc=ndesaulniers@google.com \
    --cc=nicolas@fjasle.eu \
    --cc=sshedi@vmware.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox