This commit commit 09fbc47373826d67531380662b516de2da120545 Author: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> Date: Tue Aug 20 14:36:27 2013 -0400 KEYS: verify a certificate is signed by a 'trusted' key Only public keys, with certificates signed by an existing 'trusted' key on the system trusted keyring, should be added to a trusted keyring. This patch adds support for verifying a certificate's signature. This is derived from David Howells pkcs7_request_asymmetric_key() patch. Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Howells <dhowells@xxxxxxxxxx> results in this error with the attached .config: bjorn@canardo:/usr/local/src/build-tmp/linux$ make -j4 deb-pkg CHK include/config/kernel.release make KBUILD_SRC= make[3]: Nothing to be done for `all'. CHK include/config/kernel.release CHK include/generated/uapi/linux/version.h make[3]: Nothing to be done for `relocs'. CHK include/generated/utsrelease.h CALL scripts/checksyscalls.sh <stdin>:1223:2: warning: #warning syscall finit_module not implemented [-Wcpp] CHK include/generated/compile.h make[5]: `arch/x86/realmode/rm/realmode.bin' is up to date. LD crypto/crypto.o CC [M] crypto/asymmetric_keys/x509-asn1.o CC [M] crypto/asymmetric_keys/x509_rsakey-asn1.o CC [M] crypto/asymmetric_keys/x509_cert_parser.o CC [M] crypto/async_tx/async_tx.o CC [M] crypto/asymmetric_keys/x509_public_key.o crypto/asymmetric_keys/x509_public_key.c: In function ‘x509_key_preparse’: crypto/asymmetric_keys/x509_public_key.c:237:35: error: ‘system_trusted_keyring’ undeclared (first use in this function) crypto/asymmetric_keys/x509_public_key.c:237:35: note: each undeclared identifier is reported only once for each function it appears in make[4]: *** [crypto/asymmetric_keys/x509_public_key.o] Error 1 make[3]: *** [crypto/asymmetric_keys] Error 2 make[3]: *** Waiting for unfinished jobs.... CC [M] crypto/async_tx/async_memcpy.o CC [M] crypto/async_tx/async_xor.o CC [M] crypto/async_tx/async_pq.o CC [M] crypto/async_tx/async_raid6_recov.o make[2]: *** [crypto] Error 2 make[2]: *** Waiting for unfinished jobs.... make[1]: *** [deb-pkg] Error 2 make: *** [deb-pkg] Error 2 I've confirmed that reverting the commit resolves the error, but I assume that the proper fix is adding the missing dependency. Bjørn
Attachment:
config.gz
Description: GNU Zip compressed data