Re: Linux 3.13-rc1 is out

Fri, 22 Nov 2013 18:41:25 -0800 

James Cloos <cloos <at> jhcloos.com> writes:

> 
> This combination:
> 
> # CONFIG_SYSTEM_TRUSTED_KEYRING is not set
> CONFIG_TRUSTED_KEYS=m
> 
> (acquired by oldconfig and N to system keyring)
> 
> fails with:
> 
> Pass 2
>   CC [M]  crypto/asymmetric_keys/x509_rsakey-asn1.o
>   CC [M]  crypto/asymmetric_keys/x509_cert_parser.o
>   CC [M]  crypto/asymmetric_keys/x509_public_key.o
> crypto/asymmetric_keys/x509_public_key.c: In 
function ‘x509_key_preparse’:
> crypto/asymmetric_keys/x509_public_key.c:237:35: 
error: ‘system_trusted_keyring’
> undeclared (first use in this function)
>    ret = x509_validate_trust(cert, system_trusted_keyring);
>                                    ^
> crypto/asymmetric_keys/x509_public_key.c:237:35: note: each undeclared 
identifier is reported
> only once for each function it appears in
> make[2]: *** [crypto/asymmetric_keys/x509_public_key.o] Error 1
> make[1]: *** [crypto/asymmetric_keys] Error 2
> make: *** [crypto] Error 2
> 
> Perhaps include/keys/system_keyring.h should have a definition for
> system_trusted_keyring in the #ifndef CONFIG_SYSTEM_TRUSTED_KEYRING
> case (which may entail just removing the #ifdef).
> 
> Commits b56e5a17b6b9acd1 and 09fbc47373826d67 are relevant.
> 
> -JimC

I have same problem too.

Using following band-aid patch (though I'm not sure it's correct), build 
is ok;

--- a/security/integrity/digsig.c
+++ b/security/integrity/digsig.c
@@ -67,6 +67,7 @@ int integrity_digsig_verify(const unsigned int id, const 
char *sig, int siglen,
        return -EOPNOTSUPP;
 }
 
+#ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS
 int integrity_init_keyring(const unsigned int id)
 {
        const struct cred *cred = current_cred();
@@ -84,3 +85,4 @@ int integrity_init_keyring(const unsigned int id)
                        keyring_name[id], PTR_ERR(keyring[id]));
        return 0;
 }
+#endif

But, I encounter another build issue;

  CC      crypto/asymmetric_keys/x509_public_key.o
crypto/asymmetric_keys/x509_public_key.c: In function 
‘x509_key_preparse’:
crypto/asymmetric_keys/x509_public_key.c:237:35: error: 
‘system_trusted_keyring’ undeclared (first use in this function)
   ret = x509_validate_trust(cert, system_trusted_keyring);
                                   ^
crypto/asymmetric_keys/x509_public_key.c:237:35: note: each undeclared 
identifier is reported only once for each function it appears in
make[2]: *** [crypto/asymmetric_keys/x509_public_key.o] Error 1
make[1]: *** [crypto/asymmetric_keys] Error 2
make: *** [crypto] Error 2


Looks like it's caused by following combination...

# CONFIG_SYSTEM_TRUSTED_KEYRING is not set
CONFIG_X509_CERTIFICATE_PARSER=y


Jongman Heo

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Reply via email to