sign-file: Document dependency on OpenSSL devel libraries The revised sign-file program is no longer a script that wraps the openssl program, but now rather a program that makes use of OpenSSL's crypto library. This means that to build the sign-file program, the kernel build process now has a dependency on the OpenSSL development packages in addition to OpenSSL itself. Document this in Kconfig and in module-signing.txt. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: David Woodhouse <David.Woodhouse@intel.com>

commit: 228c37ff980f5643401a1667f5ab7c6f38602cf8 [log] [tgz]
author: David Howells <dhowells@redhat.com> Tue Aug 11 12:38:54 2015 +0100
committer: David Howells <dhowells@redhat.com> Wed Aug 12 17:01:01 2015 +0100
tree: e5626bde6b067bc3119caba067307439328948a6
parent: 99db44350672c8a5ee9a7b0a6f4cd6ff10136065 [diff] [blame]
diff --git a/init/Kconfig b/init/Kconfig
index 62b7256..5d1a703 100644
--- a/init/Kconfig
+++ b/init/Kconfig

@@ -1897,6 +1897,10 @@
 	  is simply appended to the module. For more information see
 	  Documentation/module-signing.txt.
 
+	  Note that this option adds the OpenSSL development packages as a
+	  kernel build dependency so that the signing tool can use its crypto
+	  library.
+
 	  !!!WARNING!!!  If you enable this option, you MUST make sure that the
 	  module DOES NOT get stripped after being signed.  This includes the
 	  debuginfo strip done by some packagers (such as rpmbuild) and
commit	228c37ff980f5643401a1667f5ab7c6f38602cf8	[log] [tgz]
author	David Howells <dhowells@redhat.com>	Tue Aug 11 12:38:54 2015 +0100
committer	David Howells <dhowells@redhat.com>	Wed Aug 12 17:01:01 2015 +0100
tree	e5626bde6b067bc3119caba067307439328948a6
parent	99db44350672c8a5ee9a7b0a6f4cd6ff10136065 [diff] [blame]