[PATCH v6,3/4] modsign: Add codeSigning EKU when generating X.509 key generation config

From: Lee, Chun-Yi
Date: Thu Apr 29 2021 - 03:30:23 EST

Next message: Olivier Dautricourt: "[PATCH v3 2/2] drivers: dma: altera-msgdma: add OF support"
Previous message: Lee, Chun-Yi: "[PATCH v6,4/4] Documentation/admin-guide/module-signing.rst: add openssl command option example for CodeSign EKU"
In reply to: Lee, Chun-Yi: "[PATCH v6,4/4] Documentation/admin-guide/module-signing.rst: add openssl command option example for CodeSign EKU"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Add codeSigning EKU to the X.509 key generation config for the build time
autogenerated kernel key.

Signed-off-by: "Lee, Chun-Yi" <jlee@xxxxxxxx>
---
certs/Makefile | 1 +
1 file changed, 1 insertion(+)

diff --git a/certs/Makefile b/certs/Makefile
index b6db52ebf0be..d9515d68778f 100644
--- a/certs/Makefile
+++ b/certs/Makefile
@@ -89,6 +89,7 @@ $(obj)/x509.genkey:
@echo >>$@ "keyUsage=digitalSignature"
@echo >>$@ "subjectKeyIdentifier=hash"
@echo >>$@ "authorityKeyIdentifier=keyid"
+ @echo >>$@ "extendedKeyUsage=codeSigning"
endif # CONFIG_MODULE_SIG_KEY

$(eval $(call config_filename,MODULE_SIG_KEY))
--
2.16.4

Next message: Olivier Dautricourt: "[PATCH v3 2/2] drivers: dma: altera-msgdma: add OF support"
Previous message: Lee, Chun-Yi: "[PATCH v6,4/4] Documentation/admin-guide/module-signing.rst: add openssl command option example for CodeSign EKU"
In reply to: Lee, Chun-Yi: "[PATCH v6,4/4] Documentation/admin-guide/module-signing.rst: add openssl command option example for CodeSign EKU"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]