2021-11-16 00:19:39

by Eric Snowberg

Subject: [PATCH v7 03/17] KEYS: Create static version of public_key_verify_signature

The kernel test robot reports undefined reference to
public_key_verify_signature when CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE is
not defined. Create a static version in this case and return -EINVAL.

Reported-by: kernel test robot <[email protected]>
Signed-off-by: Eric Snowberg <[email protected]>
---
v7: Initial version
---
include/crypto/public_key.h | 9 +++++++++
1 file changed, 9 insertions(+)

diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h
index f603325c0c30..a9b2e600b7cc 100644
--- a/include/crypto/public_key.h
+++ b/include/crypto/public_key.h
@@ -80,7 +80,16 @@ extern int create_signature(struct kernel_pkey_params *, const void *, void *);
extern int verify_signature(const struct key *,
const struct public_key_signature *);

+#if IS_REACHABLE(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE)
int public_key_verify_signature(const struct public_key *pkey,
const struct public_key_signature *sig);
+#else
+static inline
+int public_key_verify_signature(const struct public_key *pkey,
+ const struct public_key_signature *sig)
+{
+ return -EINVAL;
+}
+#endif

#endif /* _LINUX_PUBLIC_KEY_H */
--
2.18.4

2021-11-17 13:33:01

by Mimi Zohar

Subject: Re: [PATCH v7 03/17] KEYS: Create static version of public_key_verify_signature

On Mon, 2021-11-15 at 19:15 -0500, Eric Snowberg wrote:
> The kernel test robot reports undefined reference to
> public_key_verify_signature when CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE is
> not defined. Create a static version in this case and return -EINVAL.
>
> Reported-by: kernel test robot <[email protected]>
> Signed-off-by: Eric Snowberg <[email protected]>

Reviewed-by: Mimi Zohar <[email protected]>

2021-11-17 13:54:40

by Mimi Zohar

Subject: Re: [PATCH v7 03/17] KEYS: Create static version of public_key_verify_signature

On Wed, 2021-11-17 at 08:32 -0500, Mimi Zohar wrote:
> On Mon, 2021-11-15 at 19:15 -0500, Eric Snowberg wrote:
> > The kernel test robot reports undefined reference to
> > public_key_verify_signature when CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE is
> > not defined. Create a static version in this case and return -EINVAL.
> >
> > Reported-by: kernel test robot <[email protected]>
> > Signed-off-by: Eric Snowberg <[email protected]>
>
> Reviewed-by: Mimi Zohar <[email protected]>

Perhaps this patch wouldn't be needed if

+config INTEGRITY_MACHINE_KEYRING
+ bool "Provide a keyring to which CA Machine Owner Keys may be
added"
+ depends on SECONDARY_TRUSTED_KEYRING
+ depends on INTEGRITY_ASYMMETRIC_KEYS

depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y

+ depends on SYSTEM_BLACKLIST_KEYRING
+ depends on LOAD_UEFI_KEYS

Mimi