lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 23 Nov 2013 02:32:29 +0000 (UTC)
From:	Jongman Heo <jongman.heo@...sung.com>
To:	linux-kernel@...r.kernel.org
Subject: Re: Linux 3.13-rc1 is out

James Cloos <cloos <at> jhcloos.com> writes:

> 
> This combination:
> 
> # CONFIG_SYSTEM_TRUSTED_KEYRING is not set
> CONFIG_TRUSTED_KEYS=m
> 
> (acquired by oldconfig and N to system keyring)
> 
> fails with:
> 
> Pass 2
>   CC [M]  crypto/asymmetric_keys/x509_rsakey-asn1.o
>   CC [M]  crypto/asymmetric_keys/x509_cert_parser.o
>   CC [M]  crypto/asymmetric_keys/x509_public_key.o
> crypto/asymmetric_keys/x509_public_key.c: In 
function ‘x509_key_preparse’:
> crypto/asymmetric_keys/x509_public_key.c:237:35: 
error: ‘system_trusted_keyring’
> undeclared (first use in this function)
>    ret = x509_validate_trust(cert, system_trusted_keyring);
>                                    ^
> crypto/asymmetric_keys/x509_public_key.c:237:35: note: each undeclared 
identifier is reported
> only once for each function it appears in
> make[2]: *** [crypto/asymmetric_keys/x509_public_key.o] Error 1
> make[1]: *** [crypto/asymmetric_keys] Error 2
> make: *** [crypto] Error 2
> 
> Perhaps include/keys/system_keyring.h should have a definition for
> system_trusted_keyring in the #ifndef CONFIG_SYSTEM_TRUSTED_KEYRING
> case (which may entail just removing the #ifdef).
> 
> Commits b56e5a17b6b9acd1 and 09fbc47373826d67 are relevant.
> 
> -JimC

I have same problem too.

Using following band-aid patch (though I'm not sure it's correct), build 
is ok;

--- a/security/integrity/digsig.c
+++ b/security/integrity/digsig.c
@@ -67,6 +67,7 @@ int integrity_digsig_verify(const unsigned int id, const 
char *sig, int siglen,
        return -EOPNOTSUPP;
 }
 
+#ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS
 int integrity_init_keyring(const unsigned int id)
 {
        const struct cred *cred = current_cred();
@@ -84,3 +85,4 @@ int integrity_init_keyring(const unsigned int id)
                        keyring_name[id], PTR_ERR(keyring[id]));
        return 0;
 }
+#endif

But, I encounter another build issue;

  CC      crypto/asymmetric_keys/x509_public_key.o
crypto/asymmetric_keys/x509_public_key.c: In function 
‘x509_key_preparse’:
crypto/asymmetric_keys/x509_public_key.c:237:35: error: 
‘system_trusted_keyring’ undeclared (first use in this function)
   ret = x509_validate_trust(cert, system_trusted_keyring);
                                   ^
crypto/asymmetric_keys/x509_public_key.c:237:35: note: each undeclared 
identifier is reported only once for each function it appears in
make[2]: *** [crypto/asymmetric_keys/x509_public_key.o] Error 1
make[1]: *** [crypto/asymmetric_keys] Error 2
make: *** [crypto] Error 2


Looks like it's caused by following combination...

# CONFIG_SYSTEM_TRUSTED_KEYRING is not set
CONFIG_X509_CERTIFICATE_PARSER=y


Jongman Heo

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ