mailarchive of the ptxdist mailing list
 help / color / mirror / Atom feed
* [ptxdist] [PATCH 1/2] doc: dev_code_signing: mention where to select the signing provider
@ 2021-02-28 23:48 Roland Hieber
  2021-02-28 23:48 ` [ptxdist] [PATCH 2/2] rauc: be more verbose why the check for legacy keyring fails Roland Hieber
  2021-03-05  7:26 ` [ptxdist] [APPLIED] doc: dev_code_signing: mention where to select the signing provider Michael Olbrich
  0 siblings, 2 replies; 4+ messages in thread
From: Roland Hieber @ 2021-02-28 23:48 UTC (permalink / raw)
  To: ptxdist; +Cc: Roland Hieber

Signed-off-by: Roland Hieber <rhi@pengutronix.de>
---
 doc/dev_code_signing.rst | 1 +
 1 file changed, 1 insertion(+)

diff --git a/doc/dev_code_signing.rst b/doc/dev_code_signing.rst
index d47002e8c380..56ac0e3b3217 100644
--- a/doc/dev_code_signing.rst
+++ b/doc/dev_code_signing.rst
@@ -49,6 +49,7 @@ material in case SoftHSM is used.
 
 When ``PTXCONF_CODE_SIGNING`` is enabled exactly one code signing provider is
 active during each invocation of PTXdist.
+The active provider can be selected in the ``platformconfig`` menu.
 
 PTXdist comes equipped with a development code signing provider "devel"
 implemented via the package ``host-ptx-code-signing-dev``.
-- 
2.29.2


_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de

^ permalink raw reply	[flat|nested] 4+ messages in thread
* [ptxdist] [PATCH 2/2] rauc: be more verbose why the check for legacy keyring fails
  2021-02-28 23:48 [ptxdist] [PATCH 1/2] doc: dev_code_signing: mention where to select the signing provider Roland Hieber
@ 2021-02-28 23:48 ` Roland Hieber
  2021-03-05  7:26   ` [ptxdist] [APPLIED] " Michael Olbrich
  2021-03-05  7:26 ` [ptxdist] [APPLIED] doc: dev_code_signing: mention where to select the signing provider Michael Olbrich
  1 sibling, 1 reply; 4+ messages in thread
From: Roland Hieber @ 2021-02-28 23:48 UTC (permalink / raw)
  To: ptxdist; +Cc: Roland Hieber

Instead of relying on users to grep in the PTXdist source code for this
line, tell them directly what is checked here.

Also fix a typo in the previous-to-last line.

Signed-off-by: Roland Hieber <rhi@pengutronix.de>
---
 rules/rauc.make | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/rules/rauc.make b/rules/rauc.make
index 66c967d44b83..08df6336a7cd 100644
--- a/rules/rauc.make
+++ b/rules/rauc.make
@@ -50,8 +50,10 @@ RAUC_CONF_OPT	:= \
 
 $(STATEDIR)/rauc.prepare:
 	@$(call targetinfo)
-	@test ! -e "$(call ptx/in-platformconfigdir, config/rauc/rauc.key.pem)" || \
-		ptxd_bailout "Please use the signing provider infrastructure desribed in:" \
+	@keyfile="$(call ptx/in-platformconfigdir, config/rauc/rauc.key.pem)"; \
+		test ! -e "$${keyfile}" || \
+		ptxd_bailout "Legacy RAUC keyring exists at $${keyfile}!" \
+			"Please use the signing provider infrastructure instead, as described in:" \
 			"https://www.ptxdist.org/doc/dev_code_signing.html"
 	@$(call world/prepare, RAUC)
 	@$(call touch)
-- 
2.29.2


_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [ptxdist] [APPLIED] doc: dev_code_signing: mention where to select the signing provider
  2021-02-28 23:48 [ptxdist] [PATCH 1/2] doc: dev_code_signing: mention where to select the signing provider Roland Hieber
  2021-02-28 23:48 ` [ptxdist] [PATCH 2/2] rauc: be more verbose why the check for legacy keyring fails Roland Hieber
@ 2021-03-05  7:26 ` Michael Olbrich
  1 sibling, 0 replies; 4+ messages in thread
From: Michael Olbrich @ 2021-03-05  7:26 UTC (permalink / raw)
  To: ptxdist; +Cc: Roland Hieber

Thanks, applied as dd524817b207b8de40fede2ac183e336030d995b.

Michael

[sent from post-receive hook]

On Fri, 05 Mar 2021 08:26:13 +0100, Roland Hieber <rhi@pengutronix.de> wrote:
> Signed-off-by: Roland Hieber <rhi@pengutronix.de>
> Message-Id: <20210228234809.5294-1-rhi@pengutronix.de>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/doc/dev_code_signing.rst b/doc/dev_code_signing.rst
> index d47002e8c380..56ac0e3b3217 100644
> --- a/doc/dev_code_signing.rst
> +++ b/doc/dev_code_signing.rst
> @@ -49,6 +49,7 @@ material in case SoftHSM is used.
>  
>  When ``PTXCONF_CODE_SIGNING`` is enabled exactly one code signing provider is
>  active during each invocation of PTXdist.
> +The active provider can be selected in the ``platformconfig`` menu.
>  
>  PTXdist comes equipped with a development code signing provider "devel"
>  implemented via the package ``host-ptx-code-signing-dev``.

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [ptxdist] [APPLIED] rauc: be more verbose why the check for legacy keyring fails
  2021-02-28 23:48 ` [ptxdist] [PATCH 2/2] rauc: be more verbose why the check for legacy keyring fails Roland Hieber
@ 2021-03-05  7:26   ` Michael Olbrich
  0 siblings, 0 replies; 4+ messages in thread
From: Michael Olbrich @ 2021-03-05  7:26 UTC (permalink / raw)
  To: ptxdist; +Cc: Roland Hieber

Thanks, applied as 73c6cbfbac24ddcbe013b4647314a47d81adecec.

Michael

[sent from post-receive hook]

On Fri, 05 Mar 2021 08:26:14 +0100, Roland Hieber <rhi@pengutronix.de> wrote:
> Instead of relying on users to grep in the PTXdist source code for this
> line, tell them directly what is checked here.
> 
> Also fix a typo in the previous-to-last line.
> 
> Signed-off-by: Roland Hieber <rhi@pengutronix.de>
> Message-Id: <20210228234809.5294-2-rhi@pengutronix.de>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/rules/rauc.make b/rules/rauc.make
> index 66c967d44b83..08df6336a7cd 100644
> --- a/rules/rauc.make
> +++ b/rules/rauc.make
> @@ -50,8 +50,10 @@ RAUC_CONF_OPT	:= \
>  
>  $(STATEDIR)/rauc.prepare:
>  	@$(call targetinfo)
> -	@test ! -e "$(call ptx/in-platformconfigdir, config/rauc/rauc.key.pem)" || \
> -		ptxd_bailout "Please use the signing provider infrastructure desribed in:" \
> +	@keyfile="$(call ptx/in-platformconfigdir, config/rauc/rauc.key.pem)"; \
> +		test ! -e "$${keyfile}" || \
> +		ptxd_bailout "Legacy RAUC keyring exists at $${keyfile}!" \
> +			"Please use the signing provider infrastructure instead, as described in:" \
>  			"https://www.ptxdist.org/doc/dev_code_signing.html"
>  	@$(call world/prepare, RAUC)
>  	@$(call touch)

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-03-05  7:26 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-28 23:48 [ptxdist] [PATCH 1/2] doc: dev_code_signing: mention where to select the signing provider Roland Hieber
2021-02-28 23:48 ` [ptxdist] [PATCH 2/2] rauc: be more verbose why the check for legacy keyring fails Roland Hieber
2021-03-05  7:26   ` [ptxdist] [APPLIED] " Michael Olbrich
2021-03-05  7:26 ` [ptxdist] [APPLIED] doc: dev_code_signing: mention where to select the signing provider Michael Olbrich

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox