From: Jongman Heo <jongman.heo@samsung.com>
To: linux-kernel@vger.kernel.org
Subject: Re: Linux 3.13-rc1 is out
Date: Sat, 23 Nov 2013 02:32:29 +0000 (UTC) [thread overview]
Message-ID: <loom.20131123T032923-567@post.gmane.org> (raw)
In-Reply-To: m3li0gndnk.fsf@carbon.jhcloos.org
James Cloos <cloos <at> jhcloos.com> writes:
>
> This combination:
>
> # CONFIG_SYSTEM_TRUSTED_KEYRING is not set
> CONFIG_TRUSTED_KEYS=m
>
> (acquired by oldconfig and N to system keyring)
>
> fails with:
>
> Pass 2
> CC [M] crypto/asymmetric_keys/x509_rsakey-asn1.o
> CC [M] crypto/asymmetric_keys/x509_cert_parser.o
> CC [M] crypto/asymmetric_keys/x509_public_key.o
> crypto/asymmetric_keys/x509_public_key.c: In
function ‘x509_key_preparse’:
> crypto/asymmetric_keys/x509_public_key.c:237:35:
error: ‘system_trusted_keyring’
> undeclared (first use in this function)
> ret = x509_validate_trust(cert, system_trusted_keyring);
> ^
> crypto/asymmetric_keys/x509_public_key.c:237:35: note: each undeclared
identifier is reported
> only once for each function it appears in
> make[2]: *** [crypto/asymmetric_keys/x509_public_key.o] Error 1
> make[1]: *** [crypto/asymmetric_keys] Error 2
> make: *** [crypto] Error 2
>
> Perhaps include/keys/system_keyring.h should have a definition for
> system_trusted_keyring in the #ifndef CONFIG_SYSTEM_TRUSTED_KEYRING
> case (which may entail just removing the #ifdef).
>
> Commits b56e5a17b6b9acd1 and 09fbc47373826d67 are relevant.
>
> -JimC
I have same problem too.
Using following band-aid patch (though I'm not sure it's correct), build
is ok;
--- a/security/integrity/digsig.c
+++ b/security/integrity/digsig.c
@@ -67,6 +67,7 @@ int integrity_digsig_verify(const unsigned int id, const
char *sig, int siglen,
return -EOPNOTSUPP;
}
+#ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS
int integrity_init_keyring(const unsigned int id)
{
const struct cred *cred = current_cred();
@@ -84,3 +85,4 @@ int integrity_init_keyring(const unsigned int id)
keyring_name[id], PTR_ERR(keyring[id]));
return 0;
}
+#endif
But, I encounter another build issue;
CC crypto/asymmetric_keys/x509_public_key.o
crypto/asymmetric_keys/x509_public_key.c: In function
‘x509_key_preparse’:
crypto/asymmetric_keys/x509_public_key.c:237:35: error:
‘system_trusted_keyring’ undeclared (first use in this function)
ret = x509_validate_trust(cert, system_trusted_keyring);
^
crypto/asymmetric_keys/x509_public_key.c:237:35: note: each undeclared
identifier is reported only once for each function it appears in
make[2]: *** [crypto/asymmetric_keys/x509_public_key.o] Error 1
make[1]: *** [crypto/asymmetric_keys] Error 2
make: *** [crypto] Error 2
Looks like it's caused by following combination...
# CONFIG_SYSTEM_TRUSTED_KEYRING is not set
CONFIG_X509_CERTIFICATE_PARSER=y
Jongman Heo
next prev parent reply other threads:[~2013-11-23 2:40 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-22 20:36 Linux 3.13-rc1 is out Linus Torvalds
2013-11-23 0:43 ` Matthew Garrett
2013-11-23 1:08 ` Linus Torvalds
2013-11-23 0:51 ` James Cloos
2013-11-23 2:32 ` Jongman Heo [this message]
2013-11-23 0:58 ` Shuah Khan
2013-11-25 0:10 ` linux-next stats (Was: Linux 3.13-rc1 is out) Stephen Rothwell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=loom.20131123T032923-567@post.gmane.org \
--to=jongman.heo@samsung.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox