* Re: linux-next: Tree for Jan 18 [MODSIGN: KEYS:]
@ 2013-01-18 21:43 Sedat Dilek
2013-01-18 21:51 ` Sedat Dilek
0 siblings, 1 reply; 5+ messages in thread
From: Sedat Dilek @ 2013-01-18 21:43 UTC (permalink / raw)
To: Stephen Rothwell; +Cc: linux-next, linux-kernel, David Howells, Rusty Russell
On Fri, Jan 18, 2013 at 5:37 AM, Stephen Rothwell <sfr@canb•auug.org.au> wrote:
> Hi all,
>
> Changes since 20130117:
>
> Undropped tree: samung
>
> The powerpc tree still had a build failure.
>
> The driver-core tree gained a build failure for which I applied a merge
> fix patch.
>
> The gpio-lw tree gained a build failure so I used the version from
> next-20130117.
>
> The samsung tree lost the majority of its conflicts but gained more
> against the arm-soc and slave-dma tree.
>
> ----------------------------------------------------------------------------
>
I pulled Linux v3.8-rc4 (one commit) into next-20130118.
When CONFIG_SYSTEM_TRUSTED_KEYRING=n I see these error-messages on AMD64:
CC security/keys/keyring.o
CC kernel/module_signing.o
CC [M] arch/x86/kvm/i8259.o
kernel/module_signing.c: In function 'request_asymmetric_key':
kernel/module_signing.c:161:36: error: 'system_trusted_keyring'
undeclared (first use in this function)
kernel/module_signing.c:161:36: note: each undeclared identifier is
reported only once for each function it appears in
make[3]: *** [kernel/module_signing.o] Error 1
make[2]: *** [kernel] Error 2
make[2]: *** Waiting for unfinished jobs....
- Sedat -
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: linux-next: Tree for Jan 18 [MODSIGN: KEYS:]
2013-01-18 21:43 linux-next: Tree for Jan 18 [MODSIGN: KEYS:] Sedat Dilek
@ 2013-01-18 21:51 ` Sedat Dilek
2013-01-18 22:54 ` David Howells
0 siblings, 1 reply; 5+ messages in thread
From: Sedat Dilek @ 2013-01-18 21:51 UTC (permalink / raw)
To: Stephen Rothwell; +Cc: linux-next, linux-kernel, David Howells, Rusty Russell
On Fri, Jan 18, 2013 at 10:43 PM, Sedat Dilek <sedat.dilek@gmail•com> wrote:
> On Fri, Jan 18, 2013 at 5:37 AM, Stephen Rothwell <sfr@canb•auug.org.au> wrote:
>> Hi all,
>>
>> Changes since 20130117:
>>
>> Undropped tree: samung
>>
>> The powerpc tree still had a build failure.
>>
>> The driver-core tree gained a build failure for which I applied a merge
>> fix patch.
>>
>> The gpio-lw tree gained a build failure so I used the version from
>> next-20130117.
>>
>> The samsung tree lost the majority of its conflicts but gained more
>> against the arm-soc and slave-dma tree.
>>
>> ----------------------------------------------------------------------------
>>
>
> I pulled Linux v3.8-rc4 (one commit) into next-20130118.
>
> When CONFIG_SYSTEM_TRUSTED_KEYRING=n I see these error-messages on AMD64:
>
> CC security/keys/keyring.o
> CC kernel/module_signing.o
> CC [M] arch/x86/kvm/i8259.o
> kernel/module_signing.c: In function 'request_asymmetric_key':
> kernel/module_signing.c:161:36: error: 'system_trusted_keyring'
> undeclared (first use in this function)
> kernel/module_signing.c:161:36: note: each undeclared identifier is
> reported only once for each function it appears in
> make[3]: *** [kernel/module_signing.o] Error 1
> make[2]: *** [kernel] Error 2
> make[2]: *** Waiting for unfinished jobs....
>
Culprit seems to be...
commit d6941c0c6bd42c725e45240a86c4add92e9bfb3e
"KEYS: Separate the kernel signature checking keyring from module signing"
- Sedat -
[1] http://git.kernel.org/?p=linux/kernel/git/next/linux-next.git;a=commitdiff;h=d6941c0c6bd42c725e45240a86c4add92e9bfb3e
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: linux-next: Tree for Jan 18 [MODSIGN: KEYS:]
2013-01-18 21:51 ` Sedat Dilek
@ 2013-01-18 22:54 ` David Howells
2013-01-18 23:04 ` Sedat Dilek
0 siblings, 1 reply; 5+ messages in thread
From: David Howells @ 2013-01-18 22:54 UTC (permalink / raw)
To: sedat.dilek
Cc: dhowells, Stephen Rothwell, linux-next, linux-kernel,
Rusty Russell
Sedat Dilek <sedat.dilek@gmail•com> wrote:
> Culprit seems to be...
>
> commit d6941c0c6bd42c725e45240a86c4add92e9bfb3e
> "KEYS: Separate the kernel signature checking keyring from module signing"
Try updating. I pushed a new version out today. This is now at commit ID
c82af351e270e0d95059d09a1975b61494fbbcd7.
David
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: linux-next: Tree for Jan 18 [MODSIGN: KEYS:]
2013-01-18 22:54 ` David Howells
@ 2013-01-18 23:04 ` Sedat Dilek
2013-01-18 23:27 ` Sedat Dilek
0 siblings, 1 reply; 5+ messages in thread
From: Sedat Dilek @ 2013-01-18 23:04 UTC (permalink / raw)
To: David Howells; +Cc: Stephen Rothwell, linux-next, linux-kernel, Rusty Russell
On Fri, Jan 18, 2013 at 11:54 PM, David Howells <dhowells@redhat•com> wrote:
> Sedat Dilek <sedat.dilek@gmail•com> wrote:
>
>> Culprit seems to be...
>>
>> commit d6941c0c6bd42c725e45240a86c4add92e9bfb3e
>> "KEYS: Separate the kernel signature checking keyring from module signing"
>
> Try updating. I pushed a new version out today. This is now at commit ID
> c82af351e270e0d95059d09a1975b61494fbbcd7.
>
Thanks for the information!
OK, I see... s/select/depends on...
+config SYSTEM_TRUSTED_KEYRING
+ bool "Provide system-wide ring of trusted keys"
-+ select KEYS
++ depends on KEYS
That should fix it :-).
I set SYSTEM_TRUSTED_KEYRING=y in kernel-config.
BAD: http://git.kernel.org/?p=linux/kernel/git/next/linux-next.git;a=patch;h=d6941c0c6bd42c725e45240a86c4add92e9bfb3e
GOOD: http://git.kernel.org/?p=linux/kernel/git/dhowells/linux-modsign.git;a=patch;h=c82af351e270e0d95059d09a1975b61494fbbcd7
- Sedat -
> David
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: linux-next: Tree for Jan 18 [MODSIGN: KEYS:]
2013-01-18 23:04 ` Sedat Dilek
@ 2013-01-18 23:27 ` Sedat Dilek
0 siblings, 0 replies; 5+ messages in thread
From: Sedat Dilek @ 2013-01-18 23:27 UTC (permalink / raw)
To: David Howells; +Cc: Stephen Rothwell, linux-next, linux-kernel, Rusty Russell
[-- Attachment #1: Type: text/plain, Size: 1224 bytes --]
On Sat, Jan 19, 2013 at 12:04 AM, Sedat Dilek <sedat.dilek@gmail•com> wrote:
> On Fri, Jan 18, 2013 at 11:54 PM, David Howells <dhowells@redhat•com> wrote:
>> Sedat Dilek <sedat.dilek@gmail•com> wrote:
>>
>>> Culprit seems to be...
>>>
>>> commit d6941c0c6bd42c725e45240a86c4add92e9bfb3e
>>> "KEYS: Separate the kernel signature checking keyring from module signing"
>>
>> Try updating. I pushed a new version out today. This is now at commit ID
>> c82af351e270e0d95059d09a1975b61494fbbcd7.
>>
>
> Thanks for the information!
>
> OK, I see... s/select/depends on...
>
> +config SYSTEM_TRUSTED_KEYRING
> + bool "Provide system-wide ring of trusted keys"
> -+ select KEYS
> ++ depends on KEYS
>
> That should fix it :-).
> I set SYSTEM_TRUSTED_KEYRING=y in kernel-config.
>
> BAD: http://git.kernel.org/?p=linux/kernel/git/next/linux-next.git;a=patch;h=d6941c0c6bd42c725e45240a86c4add92e9bfb3e
>
> GOOD: http://git.kernel.org/?p=linux/kernel/git/dhowells/linux-modsign.git;a=patch;h=c82af351e270e0d95059d09a1975b61494fbbcd7
>
I tried to revert the bad commit and replace it with the good one, but
this seems to be more work.
So, I fixed it up like in the attached patch.
- Sedat -
> - Sedat -
>
>> David
[-- Attachment #2: 0001-KEYS-Fix-build-error-when-SYSTEM_TRUSTED_KEYRING-n.patch --]
[-- Type: application/octet-stream, Size: 1321 bytes --]
From 2d744548ed1cc68e9ed3f08aef1529e904eb2810 Mon Sep 17 00:00:00 2001
From: Sedat Dilek <sedat.dilek@gmail•com>
Date: Sat, 19 Jan 2013 00:11:40 +0100
Subject: [PATCH] KEYS: Fix build-error when SYSTEM_TRUSTED_KEYRING=n
When SYSTEM_TRUSTED_KEYRING=n my build fails like this:
kernel/module_signing.c: In function 'request_asymmetric_key':
kernel/module_signing.c:161:36: error: 'system_trusted_keyring' undeclared (first use in this function)
kernel/module_signing.c:161:36: note: each undeclared identifier is reported only once for each function it appears in
Fix this by replacing "select" with "depends on" KEYS Kconfig.
For more details follow the thread in [1].
[1] http://marc.info/?t=135854545000001&r=1&w=2
Tested against Linux-Next (next-20130118).
Signed-off-by: Sedat Dilek <sedat.dilek@gmail•com>
---
init/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/init/Kconfig b/init/Kconfig
index fb2959d..f7e1b32 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -1607,7 +1607,7 @@ config BASE_SMALL
config SYSTEM_TRUSTED_KEYRING
bool "Provide system-wide ring of trusted keys"
- select KEYS
+ depends on KEYS
help
Provide a system keyring to which trusted keys can be added. Keys in
the keyring are considered to be trusted. Keys may be added at will
--
1.8.1.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2013-01-18 23:27 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-01-18 21:43 linux-next: Tree for Jan 18 [MODSIGN: KEYS:] Sedat Dilek
2013-01-18 21:51 ` Sedat Dilek
2013-01-18 22:54 ` David Howells
2013-01-18 23:04 ` Sedat Dilek
2013-01-18 23:27 ` Sedat Dilek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox