Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp1101407imm; Wed, 15 Aug 2018 11:25:12 -0700 (PDT) X-Google-Smtp-Source: AA+uWPxb4QvXQT6UIc/3MnE+DaPUycAzGJSS3LB14gZsNs2BWk7IiylO1+dRdQY0XnXm2bp+QAu2 X-Received: by 2002:a17:902:7488:: with SMTP id h8-v6mr520260pll.41.1534357511966; Wed, 15 Aug 2018 11:25:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1534357511; cv=none; d=google.com; s=arc-20160816; b=GVRQygapNTGIPjna5uwAY5j1TZqjQnK0aKTtnA2vxBmgJ/k89L+Z7f71srfpX0HQls sOfRAgniteeo3sIq81NghRX8miCx5Ni+U18V9RYdoot/xy0gyd7xdz3NCYoOGWSvr2pU JeSRVONhVALinAAgIRbD071brf9gxhtgLfVQqg7u4tl5VZO6DQBVYKJ/z6uwRTosqgWh I2cFkFT0Mv08WtPK8b1H5PXX7FuFA7zbR6ZAUsbAirrUvwm6x9pZfzhQN0zfIL7lnxIo UQQAPDGIt/CktWYyNrocUJrIpczVPeF86YAnKTBbwiDI3XISR7mJn+7U15QxGWjAjVmh T/2Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature :arc-authentication-results; bh=bnvD6okTjKo7w0R6YkWBETy34ZHsBdXS3LvptV9sVlo=; b=Tg1e1f7daaU6gXs8O2d5thUHv04lk3qiyGRe3EkZvG0ih0zjfZony5VKHf46hsel3a tqEi1Ja7sZqQvPNkowaENoPeiwW4ctU4ZCHF9+wAlGo3pP9IVCB8wQHzTSwc3E8/oHoY i7J/A2UuYjwzWe3PrPfgLrlmJX7Jy7Cz+iQgRU3VPK0sspCahe5wDW1y/a+7fKlolcQ1 JhXJvNpbe9ON+4C8WHVLlrbXD415vkbgs6uEHkpH4e+qugbuJ6coZINXKxU+WU+T396I 4Q5q/pbz1asA9Vx48xM1mLnZEpXMGAUVrvWbJsXFVGuuD/zovQgUcVm60MrM1ST8VG4T v0jg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=Lk15Sw52; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u1-v6si20611932plk.97.2018.08.15.11.24.56; Wed, 15 Aug 2018 11:25:11 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=Lk15Sw52; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728426AbeHOVPj (ORCPT + 99 others); Wed, 15 Aug 2018 17:15:39 -0400 Received: from mail-io0-f194.google.com ([209.85.223.194]:35683 "EHLO mail-io0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726007AbeHOVPi (ORCPT ); Wed, 15 Aug 2018 17:15:38 -0400 Received: by mail-io0-f194.google.com with SMTP id w11-v6so1766175iob.2 for ; Wed, 15 Aug 2018 11:22:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=bnvD6okTjKo7w0R6YkWBETy34ZHsBdXS3LvptV9sVlo=; b=Lk15Sw52GP1+654UYNafvbR6ILXh6A9qGNKZzOjLGOpo+/omoPGGsTG//p6b5vw1dl n9qvYJSAswbtrR6b/yZIhKX5o6LSaqs4WHPG8v+hcmUwYn/v/t7nfkTGCiB6PjlmQ4A8 ZpqCcyrVZzxOpuvFqjlfSZB+HEHyp+LQn5U3g= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=bnvD6okTjKo7w0R6YkWBETy34ZHsBdXS3LvptV9sVlo=; b=P72UufgUtQgo3SFGTUErIcU4IgZ6mc+XEl5C39dBqwrZL/j8/p1rpfexeLrhIhNwbe ESGTYfqp0OyvpgIkzCHyKGGrctCIDF4s2YFnw1w1UeY9qi26fs3tdNEWgUyznlb820ef CrKr92ik0wyKc0rn61x+mdnwnZ5/779vKC/xqAhqtt7+Gn1GDnu5C32FuqxpVCudGiJZ epluSRxx55WSnGpXywIkci076VIMwQ/kvu+Wi4311Qh2DozXBsHNE4eqHM8hCCQYhApF s3sYG61tq4BvHWHkVBthS5lCHgAs4SzT40T1WcNlk49TwpiphywrmbyXyMXAXCCIz+6G iVAg== X-Gm-Message-State: AOUpUlHCJl3fvqg9scbuS1iJQzX8fgv1DHV3U1oYydGTfRJEDXboHA9S a6rmy486DP2HUq2EBvqk1S5UJql5+/xltxvIo68= X-Received: by 2002:a6b:f609:: with SMTP id n9-v6mr6397846ioh.259.1534357343923; Wed, 15 Aug 2018 11:22:23 -0700 (PDT) MIME-Version: 1.0 References: <20180815100053.13609-1-yannik@sembritzki.me> <654fbafb-69da-cd9a-b176-7b03401e71c5@sembritzki.me> In-Reply-To: From: Linus Torvalds Date: Wed, 15 Aug 2018 11:22:12 -0700 Message-ID: Subject: Re: [PATCH] Fix kexec forbidding kernels signed with custom platform keys to boot To: yannik@sembritzki.me Cc: David Howells , Vivek Goyal , Thomas Gleixner , Ingo Molnar , Peter Anvin , "the arch/x86 maintainers" , Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Aug 15, 2018 at 11:19 AM Yannik Sembritzki wrote: > > > No, I meant that it would have to go into the proper header files, and > > also be used by verify_pkcs7_signature() and pkcs7_preparse() etc, so > > that you could actually grep for this, and understand what it does. > Thanks, Linus, I'll take care of this right away. > > This is my first patch and I'm not familiar with the kernel; can you > give me a quick hint which header file(s) would be the right place for > this #define? I think include/linux/verification.h is the right point, it's where verify_pkcs7_signature() is declared too (and "struct key" is forward-declared), so it would seem to make most sense there. Linus