Re: [PATCH] Fix kexec forbidding kernels signed with custom platform keys to boot

From: Linus Torvalds
Date: Wed Aug 15 2018 - 14:22:28 EST

Next message: Linus Torvalds: "Re: [PATCH 4.9 000/107] 4.9.120-stable review"
Previous message: Sebastian Gottschall: "Re: [PATCH 4.9 000/107] 4.9.120-stable review"
In reply to: Yannik Sembritzki: "Re: [PATCH] Fix kexec forbidding kernels signed with custom platform keys to boot"
Next in thread: Yannik Sembritzki: "[PATCH 0/2] Fix kexec forbidding kernels signed with keys in the secondary keyring to boot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Aug 15, 2018 at 11:19 AM Yannik Sembritzki <yannik@xxxxxxxxxxxxx> wrote:
>
> > No, I meant that it would have to go into the proper header files, and
> > also be used by verify_pkcs7_signature() and pkcs7_preparse() etc, so
> > that you could actually grep for this, and understand what it does.
> Thanks, Linus, I'll take care of this right away.
>
> This is my first patch and I'm not familiar with the kernel; can you
> give me a quick hint which header file(s) would be the right place for
> this #define?

I think

include/linux/verification.h

is the right point, it's where verify_pkcs7_signature() is declared
too (and "struct key" is forward-declared), so it would seem to make
most sense there.

Linus

Next message: Linus Torvalds: "Re: [PATCH 4.9 000/107] 4.9.120-stable review"
Previous message: Sebastian Gottschall: "Re: [PATCH 4.9 000/107] 4.9.120-stable review"
In reply to: Yannik Sembritzki: "Re: [PATCH] Fix kexec forbidding kernels signed with custom platform keys to boot"
Next in thread: Yannik Sembritzki: "[PATCH 0/2] Fix kexec forbidding kernels signed with keys in the secondary keyring to boot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]