Re: Linux 3.13-rc1 is out

From: Jongman Heo
Date: Fri Nov 22 2013 - 21:40:15 EST

Next message: Chao Yu: "RE: [f2fs-dev] [PATCH V3 2/2] f2fs: read contiguous sit entry pages bymerging for mount performance"
Previous message: Weijie Yang: "Re: [PATCH v3] mm/zswap: change zswap to writethrough cache"
In reply to: James Cloos: "Re: Linux 3.13-rc1 is out"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

James Cloos <cloos <at> jhcloos.com> writes:

>
> This combination:
>
> # CONFIG_SYSTEM_TRUSTED_KEYRING is not set
> CONFIG_TRUSTED_KEYS=m
>
> (acquired by oldconfig and N to system keyring)
>
> fails with:
>
> Pass 2
> CC [M] crypto/asymmetric_keys/x509_rsakey-asn1.o
> CC [M] crypto/asymmetric_keys/x509_cert_parser.o
> CC [M] crypto/asymmetric_keys/x509_public_key.o
> crypto/asymmetric_keys/x509_public_key.c: In
function âx509_key_preparseâ:
> crypto/asymmetric_keys/x509_public_key.c:237:35:
error: âsystem_trusted_keyringâ
> undeclared (first use in this function)
> ret = x509_validate_trust(cert, system_trusted_keyring);
> ^
> crypto/asymmetric_keys/x509_public_key.c:237:35: note: each undeclared
identifier is reported
> only once for each function it appears in
> make[2]: *** [crypto/asymmetric_keys/x509_public_key.o] Error 1
> make[1]: *** [crypto/asymmetric_keys] Error 2
> make: *** [crypto] Error 2
>
> Perhaps include/keys/system_keyring.h should have a definition for
> system_trusted_keyring in the #ifndef CONFIG_SYSTEM_TRUSTED_KEYRING
> case (which may entail just removing the #ifdef).
>
> Commits b56e5a17b6b9acd1 and 09fbc47373826d67 are relevant.
>
> -JimC

I have same problem too.

Using following band-aid patch (though I'm not sure it's correct), build
is ok;

--- a/security/integrity/digsig.c
+++ b/security/integrity/digsig.c
@@ -67,6 +67,7 @@ int integrity_digsig_verify(const unsigned int id, const
char *sig, int siglen,
return -EOPNOTSUPP;
}

+#ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS
int integrity_init_keyring(const unsigned int id)
{
const struct cred *cred = current_cred();
@@ -84,3 +85,4 @@ int integrity_init_keyring(const unsigned int id)
keyring_name[id], PTR_ERR(keyring[id]));
return 0;
}
+#endif

But, I encounter another build issue;

CC crypto/asymmetric_keys/x509_public_key.o
crypto/asymmetric_keys/x509_public_key.c: In function
ÃâËx509_key_preparseÃââ:
crypto/asymmetric_keys/x509_public_key.c:237:35: error:
ÃâËsystem_trusted_keyringÃââ undeclared (first use in this function)
ret = x509_validate_trust(cert, system_trusted_keyring);
^
crypto/asymmetric_keys/x509_public_key.c:237:35: note: each undeclared
identifier is reported only once for each function it appears in
make[2]: *** [crypto/asymmetric_keys/x509_public_key.o] Error 1
make[1]: *** [crypto/asymmetric_keys] Error 2
make: *** [crypto] Error 2

Looks like it's caused by following combination...

# CONFIG_SYSTEM_TRUSTED_KEYRING is not set
CONFIG_X509_CERTIFICATE_PARSER=y

Jongman Heo

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Chao Yu: "RE: [f2fs-dev] [PATCH V3 2/2] f2fs: read contiguous sit entry pages bymerging for mount performance"
Previous message: Weijie Yang: "Re: [PATCH v3] mm/zswap: change zswap to writethrough cache"
In reply to: James Cloos: "Re: Linux 3.13-rc1 is out"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]