lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <87txf3pem2.fsf@nemi.mork.no>
Date:	Sat, 23 Nov 2013 12:00:21 +0100
From:	Bjørn Mork <bjorn@...k.no>
To:	Mimi Zohar <zohar@...ux.vnet.ibm.com>
Cc:	David Howells <dhowells@...hat.com>, linux-kernel@...r.kernel.org,
	linux-crypto@...r.kernel.org
Subject: v3.13-rc1: "‘system_trusted_keyring’ undeclared" caused by commit 09fbc47373826 ("KEYS:
 verify a certificate is signed by a 'trusted' key")

This commit

commit 09fbc47373826d67531380662b516de2da120545
Author: Mimi Zohar <zohar@...ux.vnet.ibm.com>
Date:   Tue Aug 20 14:36:27 2013 -0400

    KEYS: verify a certificate is signed by a 'trusted' key
    
    Only public keys, with certificates signed by an existing
    'trusted' key on the system trusted keyring, should be added
    to a trusted keyring.  This patch adds support for verifying
    a certificate's signature.
    
    This is derived from David Howells pkcs7_request_asymmetric_key() patch.
    
    Signed-off-by: Mimi Zohar <zohar@...ux.vnet.ibm.com>
    Signed-off-by: David Howells <dhowells@...hat.com>

results in this error with the attached .config:

bjorn@...ardo:/usr/local/src/build-tmp/linux$ make -j4 deb-pkg
  CHK     include/config/kernel.release
make KBUILD_SRC=
make[3]: Nothing to be done for `all'.
  CHK     include/config/kernel.release
  CHK     include/generated/uapi/linux/version.h
make[3]: Nothing to be done for `relocs'.
  CHK     include/generated/utsrelease.h
  CALL    scripts/checksyscalls.sh
<stdin>:1223:2: warning: #warning syscall finit_module not implemented [-Wcpp]
  CHK     include/generated/compile.h
make[5]: `arch/x86/realmode/rm/realmode.bin' is up to date.
  LD      crypto/crypto.o
  CC [M]  crypto/asymmetric_keys/x509-asn1.o
  CC [M]  crypto/asymmetric_keys/x509_rsakey-asn1.o
  CC [M]  crypto/asymmetric_keys/x509_cert_parser.o
  CC [M]  crypto/async_tx/async_tx.o
  CC [M]  crypto/asymmetric_keys/x509_public_key.o
crypto/asymmetric_keys/x509_public_key.c: In function ‘x509_key_preparse’:
crypto/asymmetric_keys/x509_public_key.c:237:35: error: ‘system_trusted_keyring’ undeclared (first use in this function)
crypto/asymmetric_keys/x509_public_key.c:237:35: note: each undeclared identifier is reported only once for each function it appears in
make[4]: *** [crypto/asymmetric_keys/x509_public_key.o] Error 1
make[3]: *** [crypto/asymmetric_keys] Error 2
make[3]: *** Waiting for unfinished jobs....
  CC [M]  crypto/async_tx/async_memcpy.o
  CC [M]  crypto/async_tx/async_xor.o
  CC [M]  crypto/async_tx/async_pq.o
  CC [M]  crypto/async_tx/async_raid6_recov.o
make[2]: *** [crypto] Error 2
make[2]: *** Waiting for unfinished jobs....
make[1]: *** [deb-pkg] Error 2
make: *** [deb-pkg] Error 2


I've confirmed that reverting the commit resolves the error, but I
assume that the proper fix is adding the missing dependency.



Bjørn




Download attachment "config.gz" of type "application/x-gzip" (24424 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ