summaryrefslogtreecommitdiff
path: root/certs
diff options
context:
space:
mode:
authorMasahiro Yamada <masahiroy@kernel.org>2021-12-14 11:53:48 +0900
committerMasahiro Yamada <masahiroy@kernel.org>2022-01-08 17:46:35 +0900
commit5cca36069d4c2942a46f98f47b9e7160fd547e03 (patch)
tree53260efe8c19e8397a6611a5e7f5804ac16912c9 /certs
parent3958f2156b418c9dce0a4402a59d95b122a92a04 (diff)
certs: refactor file cleaning
'make clean' removes files listed in 'targets'. It is redundant to specify both 'targets' and 'clean-files'. Move 'targets' assignments out of the ifeq-conditionals so scripts/Makefile.clean can see them. One effective change is that certs/certs/signing_key.x509 is now deleted by 'make clean' instead of 'make mrproper. This certificate is embedded in the kernel. It is not used in any way by external module builds. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org> Reviewed-by: Nicolas Schier <n.schier@avm.de>
Diffstat (limited to 'certs')
-rw-r--r--certs/Makefile9
1 files changed, 5 insertions, 4 deletions
diff --git a/certs/Makefile b/certs/Makefile
index d1e0dad038ca..bb1763150547 100644
--- a/certs/Makefile
+++ b/certs/Makefile
@@ -22,12 +22,11 @@ $(eval $(call config_filename,SYSTEM_TRUSTED_KEYS))
# GCC doesn't include .incbin files in -MD generated dependencies (PR#66871)
$(obj)/system_certificates.o: $(obj)/x509_certificate_list
-targets += x509_certificate_list
$(obj)/x509_certificate_list: scripts/extract-cert $(SYSTEM_TRUSTED_KEYS_SRCPREFIX)$(SYSTEM_TRUSTED_KEYS_FILENAME) FORCE
$(call if_changed,extract_certs,$(SYSTEM_TRUSTED_KEYS_SRCPREFIX)$(CONFIG_SYSTEM_TRUSTED_KEYS))
endif # CONFIG_SYSTEM_TRUSTED_KEYRING
-clean-files := x509_certificate_list .x509.list x509_revocation_list
+targets += x509_certificate_list
ifeq ($(CONFIG_MODULE_SIG),y)
SIGN_KEY = y
@@ -84,18 +83,20 @@ endif
# GCC PR#66871 again.
$(obj)/system_certificates.o: $(obj)/signing_key.x509
-targets += signing_key.x509
$(obj)/signing_key.x509: scripts/extract-cert $(X509_DEP) FORCE
$(call if_changed,extract_certs,$(MODULE_SIG_KEY_SRCPREFIX)$(CONFIG_MODULE_SIG_KEY))
endif # CONFIG_MODULE_SIG
+targets += signing_key.x509
+
ifeq ($(CONFIG_SYSTEM_REVOCATION_LIST),y)
$(eval $(call config_filename,SYSTEM_REVOCATION_KEYS))
$(obj)/revocation_certificates.o: $(obj)/x509_revocation_list
-targets += x509_revocation_list
$(obj)/x509_revocation_list: scripts/extract-cert $(SYSTEM_REVOCATION_KEYS_SRCPREFIX)$(SYSTEM_REVOCATION_KEYS_FILENAME) FORCE
$(call if_changed,extract_certs,$(SYSTEM_REVOCATION_KEYS_SRCPREFIX)$(CONFIG_SYSTEM_REVOCATION_KEYS))
endif
+
+targets += x509_revocation_list