From bd72bd12c2b57b783856d09cef8b1f6f7743a08f Mon Sep 17 00:00:00 2001 From: Seth Forshee Date: Mon, 18 Nov 2019 16:39:00 +0100 Subject: [PATCH] UBUNTU: [Packaging] Fix module signing with older modinfo BugLink: https://bugs.launchpad.net/bugs/1852581 Not all versions of modinfo support the signer field; specifically, the version in boinic does not. This leaves all modules unsigned in hwe kernels based on eoan and later. Change the check to look for the magic string at the end of the module, which does not rely on any external tools being aware of module signatures. Signed-off-by: Seth Forshee Acked-by: Thadeu Lima de Souza Cascardo Acked-by: Kleber Sacilotto de Souza Signed-off-by: Kleber Sacilotto de Souza --- debian/rules.d/2-binary-arch.mk | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/debian/rules.d/2-binary-arch.mk b/debian/rules.d/2-binary-arch.mk index efc1dd1c45c34..cf2c1f0d58b81 100644 --- a/debian/rules.d/2-binary-arch.mk +++ b/debian/rules.d/2-binary-arch.mk @@ -413,12 +413,12 @@ ifneq ($(skipdbg),true) -name '*.ko' | while read path_module ; do \ module="/lib/modules/$${path_module#*/lib/modules/}"; \ if [[ -f "$(dbgpkgdir)/usr/lib/debug/$$module" ]] ; then \ - signer=$$(/sbin/modinfo -F signer "$$path_module"); \ + signature=$$(tail -c 28 "$$path_module"); \ $(CROSS_COMPILE)objcopy \ --add-gnu-debuglink=$(dbgpkgdir)/usr/lib/debug/$$module \ $$path_module; \ if grep -q CONFIG_MODULE_SIG=y $(builddir)/build-$*/.config && \ - [ -n "$$signer" ]; then \ + [ "$$signature" = "~Module signature appended~" ]; then \ $(builddir)/build-$*/scripts/sign-file $(MODHASHALGO) \ $(MODSECKEY) \ $(MODPUBKEY) \