| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 3 May 2016 17:26:23 +0000 From: Jamie Heilman <jamie@...ible.transient.net> To: Herbert Xu <herbert@...dor.apana.org.au> Cc: David Howells <dhowells@...hat.com>, linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: v4.6-rc1 regression bisected, Problem loading in-kernel X.509 certificate (-2) Herbert Xu wrote: > On Sat, Apr 30, 2016 at 08:32:48AM +0000, Jamie Heilman wrote: > > I usually build my kernels to require module signatures and use > > automatic signing. As of v4.6-rc1 I'm getting this on boot: > > > > Problem loading in-kernel X.509 certificate (-2) > > > > I bisected that to commit d43de6c780a84def056afaf4fb3e66bdaa1efc00 > > (akcipher: Move the RSA DER encoding check to the crypto layer) > > > > For some reason after this commit my system keyring always ends up > > empty. I use the deb-pkg make target. My kernel config can > > be found at > > http://audible.transient.net/~jamie/k/modsign.config-4.6.0-rc5-guest > > > > Let me know if you need anything else. > > David, any ideas on this problem? If we can't get a quick fix > on this then we'll have to revert. > > Jamie, does reverting this patch by itself resolve the problem? Haven't tried that, given the nature of the change I just assumed it would break too much, but I'll give it a shot this evening after work. -- Jamie Heilman http://audible.transient.net/~jamie/
Powered by blists - more mailing lists