Manipulating static libraries with ar

I came across a situation where I had to replace an object file in a static library. First problem encountered was that it was a “fat” library – it had the same code compiled for multiple architectures. The architectures included can be displayed with this command:

lipo -archs fred.a

To get around this, it was necessary to create a new thin library with just the architecture in which I was interested – arm64 in this case. This can be done with lipo again:

lipo fred.a -thin arm64 -output fred64.a

fred64.a will just contain the version for the chosen architecture. In my case, I wanted to replace a large set of object files so I decided to just expand the static library into all of its component object files:

ar x fred64.a

Then I could easily replace the necessary object files. Finally, I recreated the thin library:

ar cr fred64new.a *.o

It’s easy to check what is in the new library using:

ar t fred64new.a

For even more detail, the nm command will display the exposed symbols in the library:

nm fred64new.a

Solving a kernel module signing issue

I am currently working on getting an E810 100G ethernet NIC working and had a bit of trouble building the irdma driver due to a signing problem:

At main.c:160:
- SSL error:02001002:system library:fopen:No such file or directory: ../crypto/bio/bss_file.c:69
- SSL error:2006D080:BIO routines:BIO_new_file:no such file: ../crypto/bio/bss_file.c:76
sign-file: certs/signing_key.pem: No such file or directory

After some research, I came across the solution here, which seemed to work for me. Specifically the solution is (reproduced here just in case I can’t find the original again!):

cd /lib/modules/$(uname -r)/build/certs

sudo tee x509.genkey > /dev/null << 'EOF'
[ req ]
default_bits = 4096
distinguished_name = req_distinguished_name
prompt = no
string_mask = utf8only
x509_extensions = myexts
[ req_distinguished_name ]
CN = Modules
[ myexts ]

sudo openssl req -new -nodes -utf8 -sha512 -days 36500 -batch -x509 -config x509.genkey -outform DER -out signing_key.x509 -keyout signing_key.pem