Commit Graph

117 Commits

Author SHA1 Message Date
Dimitri John Ledkov
510c8b7f74 libkmod: remove pkcs7 obj_to_hash_algo()
Switch to using OBJ_obj2txt() to calculate and print the pkcs7
signature hash name. This eliminates the need to duplicate libcrypto
NID to name mapping, detect SM3 openssl compile-time support, and
enables using any hashes that openssl and kernel know about. For
example SHA3 are being added for v6.7 and with this patch are
automatically supported.

Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Link: https://lore.kernel.org/r/20231029010319.157390-1-dimitri.ledkov@canonical.com
2023-11-07 14:05:44 -06:00
Michal Suchanek
ecef7c1316 kmod: Add pkgconfig file with kmod compile time configuration
Show distconfdir (where system configuration files are searched/to be
installed), sysconfdir (where user configuration files are searched),
module compressions, and module signatures supported.

Signed-off-by: Michal Suchanek <msuchanek@suse.de>
Link: https://lore.kernel.org/r/468b3f572d3b84f25bb53ec8fcb15ed4871914d4.1689681454.git.msuchanek@suse.de
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
2023-10-17 12:27:59 -05:00
Michal Suchanek
8463809f8a libkmod, depmod: Load modprobe.d, depmod.d from ${prefix}/lib.
There is an ongoing effort to limit use of files outside of /usr (or
${prefix} on general). Currently all modprobe.d paths are hardcoded to
outside of $prefix. Teach kmod to load modprobe.d from ${prefix}/lib.

On some distributions /usr/lib and /lib are the same directory because
of a compatibility symlink, and it is possible to craft configuration
files with sideeffects that would behave differently when loaded twice.
However, the override semantic ensures that one 'overrides' the other,
and only one configuration file of the same name is loaded from any of
the search directories.

Signed-off-by: Michal Suchanek <msuchanek@suse.de>
Link: https://lore.kernel.org/r/a290343ce32e2a3c25b134e4f27c13b26e06c9e0.1689681454.git.msuchanek@suse.de
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
2023-10-17 12:27:59 -05:00
Michal Suchanek
1bb23d7f19 configure: Detect openssl sm3 support
Older openssl versions do not support sm3. The code has an option to
disable the sm3 hash but the lack of openssl support is not detected
automatically.

Signed-off-by: Michal Suchanek <msuchanek@suse.de>
Link: https://lore.kernel.org/r/b97e20faa07e9e31c6eaf96683011aa24e80760c.1689681454.git.msuchanek@suse.de
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
2023-10-17 12:27:59 -05:00
Lucas De Marchi
aff617ea87 kmod 31 2023-09-29 09:18:37 -05:00
Fabrice Fontaine
3d1bd339ab configure.ac: fix link with -llzma
Add liblzma_LIBS to LIBS to avoid the following build failure when
building with a static-only liblzma.a:

/home/autobuild/autobuild/instance-5/output-1/host/lib/gcc/xtensa-buildroot-linux-uclibc/11.3.0/../../../../xtensa-buildroot-linux-uclibc/bin/ld: libkmod/.libs/libkmod-internal.a(libkmod-file.o):(.text.xz_uncompress+0x10): undefined reference to `lzma_code'

For consistency, also update libzstd, zlib and libcrypto

Fixes:
 - http://autobuild.buildroot.org/results/83a4a7ecc77f39639d3e5bc8554bd01a62a3ede0

References: https://github.com/kmod-project/kmod/pull/25
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
2023-03-06 14:21:51 -08:00
Emil Velikov
e4c1a5b299 configure: manage libkmod.pc.in and version.py.in via AC_CONFIG_FILES
Replace the manual sed command, build rules and dist/clean for using
AC_CONFIG_FILES. It does the exact same thing, with an added bonus...

Currently we're missing version.py.in in the EXTRA_DIST. Thus a simple
"touch Makefile" should retrigger the regeneration of version.py. Which
would presumably fail, since the input file isn't in the distribution
tarball.

Signed-off-by: Emil Velikov <emil.velikov@collabora.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
2023-02-21 16:35:42 -08:00
Lucas De Marchi
3d38e322f9 testsuite: Handle different sysconfdir
Instead of skipping tests if sysconfdir isn't /etc, just handle it
during the rootfs setup logic.

Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com>
2023-02-10 14:29:28 -08:00
Florian Weimer
035e6667d1 kmod: configure.ac: In _Noreturn check, include <stdlib.h> for exit
Otherwise, an implicit functiona declaration is used, causing
a C99 compatibility issue.

Signed-off-by: Florian Weimer <fweimer@redhat.com>
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
2022-12-26 09:33:47 -08:00
Lucas De Marchi
5d46434a63 kmod 30 2022-06-30 08:19:17 -07:00
Lucas De Marchi
b6ecfc916a kmod 29 2021-05-20 16:02:57 -07:00
Marius Bakke
847247a4a8 testsuite: Automatically skip tests that fail when sysconfdir != /etc. 2021-01-07 19:44:50 -08:00
Lucas De Marchi
1ccfe99428 kmod 28 2021-01-07 10:43:36 -08:00
Torge Matthies
3821e1971e add Zstandard compression support
I changed the style of the hackargs variable in autogen.sh to multiline
because said line was becoming a bit long with the new --with-zstd arg
added.

A previous version of this patch has been running on my two Arch Linux
installations (with an accompanying mkinitcpio patch) for several months
over many kernel updates without any issues.
Any additional testing and/or patch review would of course be appreciated.

Signed-off-by: Torge Matthies <openglfreak@googlemail.com>
2020-09-10 21:55:01 -07:00
Lucas De Marchi
819a125ca7 kmod 27 2020-02-18 15:54:07 -08:00
Adrian Bunk
f8b8d7b330 build: Stop using dolt
This does regress "make -12" from 0.7s to 0.9s on my
Coffee Lake machine, but even on slower hardware this
will not amount to a noticable slowdown.

On the other hand using dolt can create problems for
people doing cross-compilation, e.g. Yocto has two
hacks just for dolt in kmod:
https://git.yoctoproject.org/cgit/cgit.cgi/poky/tree/meta/recipes-kernel/kmod/kmod.inc?id=a17abae00785c76cfffe5381a22fb2c86b982e82

(Lucas: remove leftover entry in Makefile and reformat commit message)
2019-02-20 10:38:56 -08:00
Dave Reisner
8e266b9eef Link against libcrypto, not all of openssl
In the previous build setup, libkmod.so would link to not just
libcrypto.so, but also libssl.so:

$ readelf -d /lib/libkmod.so | grep NEEDED
 0x0000000000000001 (NEEDED)             Shared library: [liblzma.so.5]
 0x0000000000000001 (NEEDED)             Shared library: [libz.so.1]
 0x0000000000000001 (NEEDED)             Shared library: [libssl.so.1.1]
 0x0000000000000001 (NEEDED)             Shared library: [libcrypto.so.1.1]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]

We don't need any symbols from libssl, though. This patch ensures that
we pass 'libcrypto' to pkgconfig rather than 'openssl', getting only the
library that we need:

$ readelf -d  ./libkmod/.libs/libkmod.so.2.3.4 | grep NEEDED
 0x0000000000000001 (NEEDED)             Shared library: [liblzma.so.5]
 0x0000000000000001 (NEEDED)             Shared library: [libz.so.1]
 0x0000000000000001 (NEEDED)             Shared library: [libcrypto.so.1.1]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]
2019-02-13 09:36:57 -08:00
Lucas De Marchi
58133a96c8 kmod 26 2019-02-07 13:46:40 -08:00
Lucas De Marchi
a3b5428cd8 build: check openssl version 2019-02-04 16:09:38 -08:00
Yauheni Kaliuta
391b4714b4 libkmod-signature: implement pkcs7 parsing with openssl
The patch adds data fetching from the PKCS#7 certificate using
openssl library (which is used by scripts/sign-file.c in the linux
kernel to sign modules).

In general the certificate can contain many signatures, but since
kmod (modinfo) supports only one signature at the moment, only first
one is taken.

With the current sign-file.c certificate doesn't contain signer
key's fingerprint, so "serial number" is used for the key id.

Signed-off-by: Yauheni Kaliuta <yauheni.kaliuta@redhat.com>
2019-02-04 13:51:27 -08:00
Lucas De Marchi
aca4eca103 kmod 25 2018-01-08 17:30:39 -08:00
Lucas De Marchi
8d9c7e37c9 build: use tool from configure
This way we make sure the tool will be the one we actually configured
before going through sudo.
2018-01-02 18:17:51 -08:00
Lucas De Marchi
ef4257b59c kmod 24 2017-02-23 23:32:51 -08:00
Lucas De Marchi
65a885df5f kmod 23 2016-07-20 01:38:42 -03:00
Lucas De Marchi
42f32b8ae4 kmod 22 2015-11-17 22:12:07 -02:00
Lucas De Marchi
2bfcd7ef80 kmod 21 2015-06-09 02:36:14 -03:00
Lucas De Marchi
4671e03e1d build: add relevant features to KMOD_FEATURES in config.h
Not all the features (i.e. those available in --enable-* or --with-*)
are really relevant to the final user. Create a KMOD_FEATURES definition
in config.h containing these features.

Reviewed-by: Andreas Mohr <andim2@users.sf.net>
2015-06-08 22:37:58 -03:00
Lucas De Marchi
013e855043 tools: Hide new commands behind experimental flag
Hide the commands behind a flag so we can continue doing releases while
the commands aren't ready.
2015-06-06 23:26:31 -03:00
Lucas De Marchi
23603f1f83 build: cache modules from playground
Now that we are able to build our own test modules, also allow to use
cached modules so a) kernel headers are not required and b) distro
maintainers are happy.  It's still need a "--disable-test-modules" in
the configure since the default is enabled.

There's no license problems anymore since all modules come from our own
repository, we ship the sources and the modules can be easily rebuilt.
2015-05-31 15:38:47 -03:00
Lucas De Marchi
da6c0d2f52 build: use dolt
Drop-in replacement to libtool: http://dolt.freedesktop.org/. More
details: http://marc.info/?l=freedesktop-xorg&m=120791871615872&w=3

kmod is relatively fast to compile, so it doesn't matter much.
Nonetheless, less forks the better.

Compilation time using ./bootstrap-configure --disable-manpages and
make -j4

libtool
real    0m6.453s
user    0m21.067s
sys     0m0.773s

dolt
real    0m4.792s
user    0m15.920s
sys     0m0.637s
2015-03-05 13:14:36 -03:00
Lucas De Marchi
d9c7175859 kmod 20 2015-03-01 14:43:09 -03:00
Lucas De Marchi
fae77516b4 build: we are kmod, not systemd
Fix copy and paste mistake.
2015-02-27 16:20:14 -03:00
Lucas De Marchi
16a62c7ab3 shared: avoid checking for __STDC_VERSION__
Since we pass -std=gnu99 to the compiler __STDC_VERSION__ is defined to
199901. Even in this case we can use _Noreturn. Delegate the testing to
the configure phase with a compile test.

In future we want to stop using AC_PROG_CC_99 and start using the new
AC_PROG_CC from autoconf 2.70, which tries to choose the most recent
standard.
2015-02-26 13:15:14 -03:00
Lucas De Marchi
481ad14550 build: simplify and organize configure
- There's no need for the various AC_PROG_CC* macros
 - No need for AC_C_BIGENDIAN: the only place we care about endianness,
   we use __BYTE_ORDER
 - Organize calls to be in similar order as systemd
 - Disable --disable-largefile. We already had possible bugs in the
   index implementation if this were passed. It's now fixed, but it's
   never tested. Disable it.
 - Bump autoconf requirement to 2.64
2015-02-26 12:21:08 -03:00
Lucas De Marchi
aac5f4514f shared: add helper function to add and check for overflow
Use _builtin_uaddll_overflow/_builtin_uaddl_overflow when available,
abstracting the type to use it with uint64_t.

Otherwise fallback to the implementation as added in 67466f2 ("Prevent
offset + size overflow.").

This also adds the tests for this new helper in the testsuite.
2015-02-10 10:43:44 -02:00
Lucas De Marchi
e6307200af build: check for required builtin functions
These builtins are implemented by both gcc and clang since a long time
and we don't provide fallback for them. Let the configure phase check
for them.
2015-02-10 00:45:42 -02:00
Lucas De Marchi
c677bf2c7d Revert "build: enable LTO and _FORTIFY_SOURCE with optimization"
This reverts commit 27bcc9111b.

Let the distro decide about this flag. It's relatively recent and
doesn't work well with gcc 4.[678] making the testsuite to fail.
2015-01-26 19:16:03 -02:00
Lucas De Marchi
a5f799af98 build: pass --no-undefined to linker
Do not allow undefined symbols.
2015-01-25 23:29:50 -02:00
Lucas De Marchi
27bcc9111b build: enable LTO and _FORTIFY_SOURCE with optimization
If building with optimization enabled, enable LTO.
2015-01-25 23:28:46 -02:00
Lucas De Marchi
e9b0d1b40e build-sys: integrate coverage report
Just pass --enable-coverage to configure and then "make coverage" to
have the coverage report at coverage dir.
2015-01-07 23:02:34 -02:00
Lucas De Marchi
84aaaedfa6 build-sys: rename cflags/ldflags variable
Not all of them are for warnings or gc.
2015-01-02 16:32:03 -02:00
Mike Auty
fd56638aed build: Do not force diagnostics-color flag
The -fdiagnostics-color flag is only available on GCC >= 4.9, for
older versions this could raise an error in certain circumstances
(such as when using ccache).  Instead, since -fdiagnostic-color=auto
by default  in gcc-4.9, simply set the required environment variable
to the default one if it's undefined.

Based mostly on the systemd commit f44541bc by Michal Schmidt.
2014-12-17 00:41:01 -02:00
Lucas De Marchi
f9e2167b10 kmod 19 2014-11-16 10:24:50 -02:00
Randy MacLeod
9b34db1ae6 Add back-up implementation of be32toh()
Older systems may not have the be32toh function defined. Check for this
and fall back to checking the endianness and calling bswap_32 directly
if needed.  This works on both old and new systems.

[Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>:
address comments raised by Lucas De Marchi [1], update commit message]
[1] http://www.spinics.net/lists/linux-modules/msg01129.html
2014-09-29 17:13:26 -03:00
Lucas De Marchi
ae58de0fcb kmod 18 2014-06-14 12:46:38 -03:00
Lucas De Marchi
04c0956e20 Add strndupa to missing.h 2014-04-07 11:00:24 -03:00
Lucas De Marchi
49d8e0b590 kmod 17 2014-04-06 17:52:44 -03:00
Lucas De Marchi
3a33a7a566 build-sys: add hooks to build python bindings
Add --enable-python configure switch so we build the python bindings. We
also pass version.py through SED_PROCESS macro, so the version is kept
in sync with kmod.

Acked-by: Andy Grover <agrover@redhat.com>
2014-03-26 22:30:56 -03:00
Lucas De Marchi
db62153ea0 build-sys: try harder to shut up compiler wrt strict-aliasing
With -Wstrict-aliasing=2 we get the following warning:

	libkmod/libkmod-signature.c:124:20: note: in expansion of macro 'get_unaligned'
	  sig_len = be32toh(get_unaligned(&modsig->sig_len));

However there's nothing wrong with it. modsig->sig_len is uint32_t and
get_unaligned in this case returns uint32_t. There's notstrict aliasing
violation.
2014-03-24 23:50:24 -03:00
Lucas De Marchi
aa72284f83 build-sys: Remove bogus line causing warning
./configure: line 14316: xyes: command not found

We are not using have_manpages, so remove it.
2014-03-24 14:53:56 -03:00