[PATCH v9 2/7] sign-file: inntroduce few new flags to make argument processing easy.
From: Shreenidhi Shedi
Date: Wed Aug 09 2023 - 13:22:26 EST
- Add some more options like help, x509, hashalgo to command line args
- This makes it easy to handle and use command line args wherever needed
Signed-off-by: Shreenidhi Shedi <yesshedi@xxxxxxxxx>
---
scripts/Makefile.modinst | 4 ++-
scripts/sign-file.c | 63 ++++++++++++++++++++++++++++------------
2 files changed, 48 insertions(+), 19 deletions(-)
diff --git a/scripts/Makefile.modinst b/scripts/Makefile.modinst
index ab0c5bd1a60f..e94ac9afe17a 100644
--- a/scripts/Makefile.modinst
+++ b/scripts/Makefile.modinst
@@ -72,7 +72,9 @@ else
sig-key := $(CONFIG_MODULE_SIG_KEY)
endif
quiet_cmd_sign = SIGN $@
- cmd_sign = scripts/sign-file $(CONFIG_MODULE_SIG_HASH) "$(sig-key)" certs/signing_key.x509 $@ \
+ cmd_sign = scripts/sign-file -a "$(CONFIG_MODULE_SIG_HASH)" \
+ -i "$(sig-key)" \
+ -x certs/signing_key.x509 $@ \
$(if $(KBUILD_EXTMOD),|| true)
else
quiet_cmd_sign :=
diff --git a/scripts/sign-file.c b/scripts/sign-file.c
index 94228865b6cc..b0f340ea629b 100644
--- a/scripts/sign-file.c
+++ b/scripts/sign-file.c
@@ -215,6 +215,11 @@ static X509 *read_x509(const char *x509_name)
struct cmd_opts {
char *raw_sig_name;
+ char *hash_algo;
+ char *dest_name;
+ char *private_key_name;
+ char *x509_name;
+ char *module_name;
bool save_sig;
bool replace_orig;
bool raw_sig;
@@ -233,6 +238,12 @@ static void parse_args(int argc, char **argv, struct cmd_opts *opts)
#ifndef USE_PKCS7
{"usekeyid", no_argument, 0, 'k'},
#endif
+ {"help", no_argument, 0, 'h'},
+ {"privkey", required_argument, 0, 'i'},
+ {"hashalgo", required_argument, 0, 'a'},
+ {"x509", required_argument, 0, 'x'},
+ {"dest", required_argument, 0, 'd'},
+ {"replaceorig", required_argument, 0, 'r'},
{0, 0, 0, 0}
};
@@ -241,10 +252,10 @@ static void parse_args(int argc, char **argv, struct cmd_opts *opts)
do {
#ifndef USE_PKCS7
- opt = getopt_long_only(argc, argv, "pds:",
+ opt = getopt_long_only(argc, argv, "hpds:i:a:x:t:r:",
cmd_options, &opt_index);
#else
- opt = getopt_long_only(argc, argv, "pdks:",
+ opt = getopt_long_only(argc, argv, "hpdks:i:a:x:t:r:",
cmd_options, &opt_index);
#endif
switch (opt) {
@@ -268,6 +279,30 @@ static void parse_args(int argc, char **argv, struct cmd_opts *opts)
break;
#endif
+ case 'h':
+ format();
+ break;
+
+ case 'i':
+ opts->private_key_name = optarg;
+ break;
+
+ case 'a':
+ opts->hash_algo = optarg;
+ break;
+
+ case 'x':
+ opts->x509_name = optarg;
+ break;
+
+ case 't':
+ opts->dest_name = optarg;
+ break;
+
+ case 'r':
+ opts->replace_orig = true;
+ break;
+
case -1:
break;
@@ -281,9 +316,6 @@ static void parse_args(int argc, char **argv, struct cmd_opts *opts)
int main(int argc, char **argv)
{
struct module_signature sig_info = { .id_type = PKEY_ID_PKCS7 };
- char *hash_algo = NULL;
- char *private_key_name = NULL;
- char *x509_name, *module_name, *dest_name;
unsigned char buf[4096];
unsigned long module_size, sig_size;
unsigned int use_signed_attrs;
@@ -315,32 +347,27 @@ int main(int argc, char **argv)
argv += optind;
const char *raw_sig_name = opts.raw_sig_name;
+ const char *hash_algo = opts.hash_algo;
+ const char *private_key_name = opts.private_key_name;
+ const char *x509_name = opts.x509_name;
+ const char *module_name = opts.module_name;
const bool save_sig = opts.save_sig;
const bool raw_sig = opts.raw_sig;
const bool sign_only = opts.sign_only;
bool replace_orig = opts.replace_orig;
+ char *dest_name = opts.dest_name;
#ifndef USE_PKCS7
const unsigned int use_keyid = opts.use_keyid;
#endif
- if (argc < 4 || argc > 5)
+ if (!argv[0] || argc != 1)
format();
- if (raw_sig) {
- raw_sig_name = argv[0];
- hash_algo = argv[1];
- } else {
- hash_algo = argv[0];
- private_key_name = argv[1];
- }
- x509_name = argv[2];
- module_name = argv[3];
- if (argc == 5 && strcmp(argv[3], argv[4]) != 0) {
- dest_name = argv[4];
+ if (dest_name && strcmp(argv[0], dest_name)) {
replace_orig = false;
} else {
ERR(asprintf(&dest_name, "%s.~signed~", module_name) < 0,
- "asprintf");
+ "asprintf");
replace_orig = true;
}
--
2.41.0