diff mbox series

[v7,03/17] KEYS: Create static version of public_key_verify_signature

Message ID 20211116001545.2639333-4-eric.snowberg@oracle.com (mailing list archive)
State New, archived
Headers show
Series Enroll kernel keys thru MOK | expand

Commit Message

Eric Snowberg Nov. 16, 2021, 12:15 a.m. UTC 
The kernel test robot reports undefined reference to
public_key_verify_signature when CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE is
not defined. Create a static version in this case and return -EINVAL.

Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
---
v7: Initial version
---
 include/crypto/public_key.h | 9 +++++++++
 1 file changed, 9 insertions(+)

Comments

Mimi Zohar Nov. 17, 2021, 1:32 p.m. UTC | #1 
On Mon, 2021-11-15 at 19:15 -0500, Eric Snowberg wrote:
> The kernel test robot reports undefined reference to
> public_key_verify_signature when CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE is
> not defined. Create a static version in this case and return -EINVAL.
> 
> Reported-by: kernel test robot <lkp@intel.com>
> Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>

Reviewed-by:  Mimi Zohar <zohar@linux.ibm.com>
Mimi Zohar Nov. 17, 2021, 1:53 p.m. UTC | #2 
On Wed, 2021-11-17 at 08:32 -0500, Mimi Zohar wrote:
> On Mon, 2021-11-15 at 19:15 -0500, Eric Snowberg wrote:
> > The kernel test robot reports undefined reference to
> > public_key_verify_signature when CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE is
> > not defined. Create a static version in this case and return -EINVAL.
> > 
> > Reported-by: kernel test robot <lkp@intel.com>
> > Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
> 
> Reviewed-by:  Mimi Zohar <zohar@linux.ibm.com>

Perhaps this patch wouldn't be needed if 

+config INTEGRITY_MACHINE_KEYRING
+       bool "Provide a keyring to which CA Machine Owner Keys may be
added"
+       depends on SECONDARY_TRUSTED_KEYRING
+       depends on INTEGRITY_ASYMMETRIC_KEYS

depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y

+       depends on SYSTEM_BLACKLIST_KEYRING
+       depends on LOAD_UEFI_KEYS

Mimi
diff mbox series

Patch

diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h
index f603325c0c30..a9b2e600b7cc 100644
--- a/include/crypto/public_key.h
+++ b/include/crypto/public_key.h
@@ -80,7 +80,16 @@  extern int create_signature(struct kernel_pkey_params *, const void *, void *);
 extern int verify_signature(const struct key *,
 			    const struct public_key_signature *);
 
+#if IS_REACHABLE(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE)
 int public_key_verify_signature(const struct public_key *pkey,
 				const struct public_key_signature *sig);
+#else
+static inline
+int public_key_verify_signature(const struct public_key *pkey,
+				const struct public_key_signature *sig)
+{
+	return -EINVAL;
+}
+#endif
 
 #endif /* _LINUX_PUBLIC_KEY_H */