From: Greg KH <gregkh@linuxfoundation.org>
To: Yannik Sembritzki <yannik@sembritzki.me>
Cc: dhowells@redhat.com, torvalds@linux-foundation.org,
stable@vger.kernel.org
Subject: Re: FAILED: patch "[PATCH] Replace magic for trusting the secondary keyring with #define" failed to apply to 4.9-stable tree
Date: Fri, 7 Sep 2018 13:00:30 +0200 [thread overview]
Message-ID: <20180907110030.GA1715@kroah.com> (raw)
In-Reply-To: <50d311b5-b94d-ac41-7f23-13deb846777d@sembritzki.me>
On Fri, Sep 07, 2018 at 12:32:48PM +0200, Yannik Sembritzki wrote:
> I've never backported a linux patch before; so I'm not sure if this is
> the right format.
> However, this cleanly applies to the linux-4.9.y branch.
> This is a backport of commit 817aef260037f33ee0f44c17fe341323d3aebd6d.
>
> ----------------------------
> Signed-off-by: Yannik Sembritzki <yannik@sembritzki.me>
> Cc: stable@vger.kernel.org
> ---
> �certs/system_keyring.c����������������� |��� 3 ++-
> �crypto/asymmetric_keys/pkcs7_key_type.c |��� 2 +-
> �include/linux/verification.h����������� |��� 6 ++++++
> �3 files changed, 9 insertions(+), 2 deletions(-)
>
> --- a/certs/system_keyring.c
> +++ b/certs/system_keyring.c
> @@ -15,5 +15,6 @@
> �#include <linux/cred.h>
> �#include <linux/err.h>
> +#include <linux/verification.h>
> �#include <keys/asymmetric-type.h>
> �#include <keys/system_keyring.h>
> �#include <crypto/pkcs7.h>
> @@ -230,7 +231,7 @@ int verify_pkcs7_signature(const void *d
> �
> ���� if (!trusted_keys) {
> ���� ��� trusted_keys = builtin_trusted_keys;
> -��� } else if (trusted_keys == (void *)1UL) {
> +��� } else if (trusted_keys == VERIFY_USE_SECONDARY_KEYRING) {
> �#ifdef CONFIG_SECONDARY_TRUSTED_KEYRING
> ���� ��� trusted_keys = secondary_trusted_keys;
> �#else
> --- a/crypto/asymmetric_keys/pkcs7_key_type.c
> +++ b/crypto/asymmetric_keys/pkcs7_key_type.c
> @@ -63,7 +63,7 @@ static int pkcs7_preparse(struct key_pre
> �
> ���� return verify_pkcs7_signature(NULL, 0,
> ���� ��� ��� ��� ����� prep->data, prep->datalen,
> -��� ��� ��� ��� ����� (void *)1UL, usage,
> +��� ��� ��� ��� ����� VERIFY_USE_SECONDARY_KEYRING, usage,
> ���� ��� ��� ��� ����� pkcs7_view_content, prep);
> �}
> �
> --- a/include/linux/verification.h
> +++ b/include/linux/verification.h
> @@ -13,6 +13,12 @@
> �#define _LINUX_VERIFICATION_H
> �
> �/*
> + * Indicate that both builtin trusted keys and secondary trusted keys
> + * should be used.
> + */
> +#define VERIFY_USE_SECONDARY_KEYRING ((struct key *)1UL)
> +
> +/*
> � * The use to which an asymmetric key is being put.
> � */
> �enum key_being_used_for {
The patch is whitespace damaged and can not be applied :(
Care to fix that up and resend it?
thanks,
greg k-h
prev parent reply other threads:[~2018-09-07 15:41 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-07 9:13 FAILED: patch "[PATCH] Replace magic for trusting the secondary keyring with #define" failed to apply to 4.9-stable tree gregkh
2018-09-07 10:32 ` Yannik Sembritzki
2018-09-07 11:00 ` Greg KH [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180907110030.GA1715@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=dhowells@redhat.com \
--cc=stable@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=yannik@sembritzki.me \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.