From cec6ee8777b963ee08b619585ed352e189f4c96e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
 <marmarek@invisiblethingslab.com>
Date: Fri, 17 Apr 2015 17:32:39 +0200
Subject: [PATCH] Use "gpgv" to verify kernel archive signature

---
 Makefile | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index 03157ca..3e5612a 100644
--- a/Makefile
+++ b/Makefile
@@ -56,11 +56,12 @@ $(SIGN_FILE):
 	@wget -q -N $(URL_SIGN)
 
 import-keys:
-	 gpg -q --import *-key.asc
+	@if [ -n "$$GNUPGHOME" ]; then rm -f "$$GNUPGHOME/linux-kernel-trustedkeys.gpg"; fi
+	@gpg --no-auto-check-trustdb --no-default-keyring --keyring linux-kernel-trustedkeys.gpg -q --import *-key.asc
 
 verify-sources: import-keys
 ifeq ($(BUILD_FLAVOR),pvops)
-	@xzcat $(SRC_FILE) | gpg -q --verify $(SIGN_FILE) - 2>/dev/null
+	@xzcat $(SRC_FILE) | gpgv --keyring linux-kernel-trustedkeys.gpg $(SIGN_FILE) - 2>/dev/null
 else
 #	@gpg --verify $(SIGN_FILE) $(SRC_FILE)
 #	The key has been compromised