From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linuxfoundation.org ([140.211.169.12]:49398 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727764AbeIGPlA (ORCPT ); Fri, 7 Sep 2018 11:41:00 -0400 Date: Fri, 7 Sep 2018 13:00:30 +0200 From: Greg KH To: Yannik Sembritzki Cc: dhowells@redhat.com, torvalds@linux-foundation.org, stable@vger.kernel.org Subject: Re: FAILED: patch "[PATCH] Replace magic for trusting the secondary keyring with #define" failed to apply to 4.9-stable tree Message-ID: <20180907110030.GA1715@kroah.com> References: <153631162118107@kroah.com> <50d311b5-b94d-ac41-7f23-13deb846777d@sembritzki.me> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <50d311b5-b94d-ac41-7f23-13deb846777d@sembritzki.me> Sender: stable-owner@vger.kernel.org List-ID: On Fri, Sep 07, 2018 at 12:32:48PM +0200, Yannik Sembritzki wrote: > I've never backported a linux patch before; so I'm not sure if this is > the right format. > However, this cleanly applies to the linux-4.9.y branch. > This is a backport of commit 817aef260037f33ee0f44c17fe341323d3aebd6d. > > ---------------------------- > Signed-off-by: Yannik Sembritzki > Cc: stable@vger.kernel.org > --- > �certs/system_keyring.c����������������� |��� 3 ++- > �crypto/asymmetric_keys/pkcs7_key_type.c |��� 2 +- > �include/linux/verification.h����������� |��� 6 ++++++ > �3 files changed, 9 insertions(+), 2 deletions(-) > > --- a/certs/system_keyring.c > +++ b/certs/system_keyring.c > @@ -15,5 +15,6 @@ > �#include > �#include > +#include > �#include > �#include > �#include > @@ -230,7 +231,7 @@ int verify_pkcs7_signature(const void *d > � > ���� if (!trusted_keys) { > ���� ��� trusted_keys = builtin_trusted_keys; > -��� } else if (trusted_keys == (void *)1UL) { > +��� } else if (trusted_keys == VERIFY_USE_SECONDARY_KEYRING) { > �#ifdef CONFIG_SECONDARY_TRUSTED_KEYRING > ���� ��� trusted_keys = secondary_trusted_keys; > �#else > --- a/crypto/asymmetric_keys/pkcs7_key_type.c > +++ b/crypto/asymmetric_keys/pkcs7_key_type.c > @@ -63,7 +63,7 @@ static int pkcs7_preparse(struct key_pre > � > ���� return verify_pkcs7_signature(NULL, 0, > ���� ��� ��� ��� ����� prep->data, prep->datalen, > -��� ��� ��� ��� ����� (void *)1UL, usage, > +��� ��� ��� ��� ����� VERIFY_USE_SECONDARY_KEYRING, usage, > ���� ��� ��� ��� ����� pkcs7_view_content, prep); > �} > � > --- a/include/linux/verification.h > +++ b/include/linux/verification.h > @@ -13,6 +13,12 @@ > �#define _LINUX_VERIFICATION_H > � > �/* > + * Indicate that both builtin trusted keys and secondary trusted keys > + * should be used. > + */ > +#define VERIFY_USE_SECONDARY_KEYRING ((struct key *)1UL) > + > +/* > � * The use to which an asymmetric key is being put. > � */ > �enum key_being_used_for { The patch is whitespace damaged and can not be applied :( Care to fix that up and resend it? thanks, greg k-h