Shared publicly  - 
 
Quite clearly, anyone who adds RSA module signing to the kernel doesn't have to do allmodconfig builds all day long to validate hundreds of patches daily.

Because if they did, they would not in their right mind add so much overhead to the kernel build.
5
David Miller (dokebi)'s profile photoAuke Kok's profile photoGreg Kroah-Hartman's profile photoJosh Boyer's profile photo
6 comments
 
Fortunately, it is very easy to turn off just one configuration option.
 
That's not the point.  It's so easy to tell someone "validate the build with allmodconfig, you'll miss something otherwise"  Now I have to tell them something more complicated to do.

It's an abomination, and clearly whoever gated this change has no spine.
 
I already thought the MD4 thing we do on modules was too much overhead and I was going to find a way to optimize it.  Well, so much for that, right?
 
Any reason this isn't part of `modules_install` instead?
 
ick, you are right, my build times went from 351 seconds for 3.6 to 394 seconds with 3.7-rc1 allmodconfig.
 
+Auke Kok I have a patch to convert it to doing the signing via 'make modules_sign' that is run after 'modules_install'.  We're using it in Fedora to keep RPM from stripping signatures off of the modules during debuginfo creation.  I'll get around to posting it after I'm done travelling.