From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-oi1-x242.google.com (mail-oi1-x242.google.com [IPv6:2607:f8b0:4864:20::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 6DD94211DF232 for ; Tue, 19 Mar 2019 18:37:41 -0700 (PDT) Received: by mail-oi1-x242.google.com with SMTP id x188so497017oia.13 for ; Tue, 19 Mar 2019 18:37:41 -0700 (PDT) MIME-Version: 1.0 References: <155297557534.2276575.16264199708584900090.stgit@dwillia2-desk3.amr.corp.intel.com> <155297558570.2276575.11731393787282486177.stgit@dwillia2-desk3.amr.corp.intel.com> <1553040398.4899.149.camel@linux.ibm.com> <1553044252.4899.165.camel@linux.ibm.com> In-Reply-To: From: Dan Williams Date: Tue, 19 Mar 2019 18:37:29 -0700 Message-ID: Subject: Re: [PATCH 2/6] security/keys/encrypted: Clean up request_trusted_key() List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: linux-nvdimm-bounces@lists.01.org Sender: "Linux-nvdimm" To: Mimi Zohar Cc: linux-nvdimm , James Bottomley , Linux Kernel Mailing List , David Howells , keyrings@vger.kernel.org List-ID: On Tue, Mar 19, 2019 at 6:34 PM Dan Williams wrote: > > On Tue, Mar 19, 2019 at 6:11 PM Mimi Zohar wrote: > > > > On Tue, 2019-03-19 at 17:20 -0700, Dan Williams wrote: > > > On Tue, Mar 19, 2019 at 5:07 PM Mimi Zohar wrote: > > > > On Mon, 2019-03-18 at 23:06 -0700, Dan Williams wrote: > > > > > > > > diff --git a/security/keys/key.c b/security/keys/key.c > > > > > index 696f1c092c50..9045b62afb04 100644 > > > > > --- a/security/keys/key.c > > > > > +++ b/security/keys/key.c > > > > > @@ -706,6 +706,7 @@ struct key_type *key_type_lookup(const char *type) > > > > > found_kernel_type: > > > > > return ktype; > > > > > } > > > > > +EXPORT_SYMBOL_GPL(key_type_lookup); > > > > > > This needs to be moved to patch1. > > > > > > > Only the kernel is calling key_type_lookup(). Why does > > > > key_type_lookup() need to be exported? > > > > > > This patch series adds several new callers outside of keys-subsystem > > > core that need this export, the first one being encrypted-keys itself > > > in patch1. > > > > It's needed, because they could be compiled as kernel modules, not > > builtin (eg. EVM). > > > > Right, but now I realize a problem. The side effect of having direct > module dependencies to the key_type_{encrypted,trusted} symbols is > that module reference counting is handled automatically. > > So, I need to respin this with some explicit try_module_get() and > module_put() added otherwise the encrypted_keys facility can be > removed while active keys are instantiated. ...and now I'm wondering if this refactoring is getting too big and should wait for v5.2. In the meantime apply my small fix for v5.1 https://patchwork.kernel.org/patch/10858649/ _______________________________________________ Linux-nvdimm mailing list Linux-nvdimm@lists.01.org https://lists.01.org/mailman/listinfo/linux-nvdimm