[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 9 Sep 2020 10:40:31 -0700
From: Randy Dunlap <rdunlap@...radead.org>
To: Eric Snowberg <eric.snowberg@...cle.com>, dhowells@...hat.com,
dwmw2@...radead.org, jarkko.sakkinen@...ux.intel.com
Cc: herbert@...dor.apana.org.au, davem@...emloft.net,
jmorris@...ei.org, serge@...lyn.com, nayna@...ux.ibm.com,
zohar@...ux.ibm.com, erichte@...ux.ibm.com, mpe@...erman.id.au,
keyrings@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-crypto@...r.kernel.org, linux-security-module@...r.kernel.org
Subject: Re: [PATCH v2] certs: Add EFI_CERT_X509_GUID support for dbx entries
On 9/9/20 10:27 AM, Eric Snowberg wrote:
> diff --git a/include/crypto/pkcs7.h b/include/crypto/pkcs7.h
> index 38ec7f5f9041..d8f2e0fdfbf4 100644
> --- a/include/crypto/pkcs7.h
> +++ b/include/crypto/pkcs7.h
> @@ -26,11 +26,19 @@ extern int pkcs7_get_content_data(const struct pkcs7_message *pkcs7,
> const void **_data, size_t *_datalen,
> size_t *_headerlen);
>
> +#ifdef CONFIG_PKCS7_MESSAGE_PARSER
> /*
> * pkcs7_trust.c
> */
> extern int pkcs7_validate_trust(struct pkcs7_message *pkcs7,
> struct key *trust_keyring);
> +#else
> +static inline int pkcs7_validate_trust(struct pkcs7_message *pkcs7,
> + struct key *trust_keyring)
> +{
> + return -ENOKEY;
> +}
> +#endif
Just to be clear, you want to do the #else block when
CONFIG_PKCS7_MESSAGE_PARSER=m. Is that correct?
If so, it might be clearer to use
#if IS_BUILTIN(CONFIG_PKCS7_MESSAGE_PARSER)
--
~Randy
Powered by blists - more mailing lists