Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp3693863pxj; Tue, 1 Jun 2021 11:00:04 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwdmKwnF0ZlXg8MzkZ8WpAmffjsRnMSnUswIeYOCQ4mfam6CtRu0l/T/e5fFhVyBYngCusU X-Received: by 2002:aa7:dc12:: with SMTP id b18mr33678023edu.52.1622570404402; Tue, 01 Jun 2021 11:00:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1622570404; cv=none; d=google.com; s=arc-20160816; b=Pyn9R8RF2zBlMvaxttvH0DDFULxs+e/9c3BNpPgRlc02KjaGWC+A/uxfOom3T562Yj ns+VgfMyKpgByIVaV4PDatSBFiRBl+kkfRol5NpYzAzU/xmwJ2ErmZ10QIqlaRcgW7Nl xc5O4hSOrlOHUh/OAQ0c2geGnLKXr+hSbd029ElB+Wlvm5FIXXE0q3Gfpi/X1k2fJnO7 e/XKTM6e7ZoK2/d1X/MoHGaJpAEPejYnBSUx2gTJUJrWDwkIHzIB4DSIi5b8DRNkqlMO rCGiOVokplg0AG6WbCApCxgBNkikcMEJkdee+8piieKeTsm75bsQbHkhM1sMAa7e/pch owMQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=nu0tJ26T2OwCYep9hUpWOQp/3e1HxmmYZieSgc+wGPI=; b=DcuLTdXl7XwYYEQkK5jDmcpPJ+dAMN5Ks6hyOpFiVDMvTZMByc2I1wYr0QEu7IhZU4 1Z8bRaKccLDsPE8FKPDAg1ClPPNfEx3Gtj/ALzUfITv6PEV09sV/qYf3lLkBhnIYLx24 8/6UHHiI2jKzzkkCZ14KlVGs8Ml9Xj0GEmck6pSaN1VK7GujMyGZdY2tiBPncMLfpQFv GAxExyi31Edoxm9L6jBT09NlYjT2AdEzqnZ8bzLoe7Sl/rd6NXB3pnTD4Dtyc1OlmlFZ M4aVWW8JUGUw2D75QwxzGDXO7he8fADfQQToVEpnIcGgNu1FUSqO1hUCPhRtHa9NdYIz YegQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Rddcm3FO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id v21si13170898edi.397.2021.06.01.10.59.41; Tue, 01 Jun 2021 11:00:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Rddcm3FO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234665AbhFASAY (ORCPT + 99 others); Tue, 1 Jun 2021 14:00:24 -0400 Received: from mail.kernel.org ([198.145.29.99]:36280 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231331AbhFASAY (ORCPT ); Tue, 1 Jun 2021 14:00:24 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 1EBFB61375; Tue, 1 Jun 2021 17:58:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1622570322; bh=m6UKi9NkcvUQfNe74vrYXbvMtDoD1pgdMVNQhtu02sc=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Rddcm3FO/E+i6q6srd+/vTeN5/b7srk8oLfkEEDmOSvE2ST8kvk2LG5J24tO3G2cC PByMTKWSzyHRG+W6Y79ORIvC8Vee3s9v5nezs6nlygPOhqqsdolXemTjRKhUz/TTkx eqOT3FDtVRaze/pBdOQWOYxtQMlcK3Rpp0umNg4W1qOEvA5JT3ymGCl3Y83mCRi1Uz IbTbSxixx7GgGI+eVFY8AjCOv0hz/KgL9XM4zWxQ/rWKPWtD9a6Tc+UXpqolTqbBZP SV/Oi6MZuz2FWZP8MkJcmCnn+/F6rNC2F4ebvPTlgkloCYlf8ePvf9nhIjcAS8hxDU 5wdL7tl33nIJw== Date: Tue, 1 Jun 2021 20:58:40 +0300 From: Jarkko Sakkinen To: Stefan Berger Cc: jeyu@kernel.org, keyrings@vger.kernel.org, dhowells@redhat.com, dwmw2@infradead.org, zohar@linux.ibm.com, nayna@linux.ibm.com, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v5 1/2] certs: Trigger creation of RSA module signing key if it's not an RSA key Message-ID: <20210601175840.nzgkon3ocdifntav@kernel.org> References: <20210601105245.213767-1-stefanb@linux.ibm.com> <20210601105245.213767-2-stefanb@linux.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20210601105245.213767-2-stefanb@linux.ibm.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jun 01, 2021 at 06:52:44AM -0400, Stefan Berger wrote: > Address a kbuild issue where a developer created an ECDSA key for signing > kernel modules and then builds an older version of the kernel, when bi- > secting the kernel for example, that does not support ECDSA keys. > > Trigger the creation of an RSA module signing key if it is not an RSA key. > > Fixes: cfc411e7fff3 ("Move certificate handling to its own directory") > Signed-off-by: Stefan Berger > Reviewed-by: Jarkko Sakkinen > Tested-by: Mimi Zohar I've applied these to git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git Can revert too but do not mind taking care of these patches as they are not intrusive in any possible way. /Jarkko