Comment 3 for bug 1558553

------- Comment From <email address hidden> 2016-03-23 10:29 EDT-------
Making comment from Mehmet Kayaalp external:

In the 4.4.0-15.31 kernel the reserved space is not filled with randomized bytes. The second step of the build seems to be skipped.

---quote---
make vmlinux
scripts/insert-sys-cert -b vmlinux -c /dev/null
make bzImage

The 2nd step above changes the reserved memory to randomized.
---quote---

This results in a larger vmlinux when the key is inserted:

ubuntu@ubuntu-xenial:~$ uname -a
Linux ubuntu-xenial 4.4.0-15-generic #31-Ubuntu SMP Fri Mar 18 19:08:31 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

ubuntu@ubuntu-xenial:~$ sudo grep SYSTEM_EXTRA /boot/config-4.4.0-15-generic
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096

ubuntu@ubuntu-xenial:~$ sudo ./insert-sys-cert -s /boot/System.map-4.4.0-15-generic -z /boot/vmlinuz-4.4.0-15-generic -c cert.x509
...
INFO: Inserted the contents of cert.x509 into ffffffff82075ffa.
INFO: Used 1308 bytes out of 4096 bytes reserved.
INFO: Executing: gzip -n -f -9 <vmlinux-PquuG7 >vmlinux-0ZuoLz
ERROR: Increase in compressed size is not supported.
ERROR: Old size was 6952429, new size is 6956652