Re: crypto: api - Move module sig ifdef into accessor function

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> writes:
> Currently we're hiding mod->sig_ok under an ifdef in open code.
> This patch adds a module_sig_ok accessor function and removes that
> ifdef.
>     
> Cc: Rusty Russell <rusty@xxxxxxxxxxxxxxx>
> Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

Did you want me to take this via modules-next?  Assuming not.

So:
        Acked-by: Rusty Russell <rusty@xxxxxxxxxxxxxxx>

Thanks,
Rusty.

> diff --git a/crypto/algapi.c b/crypto/algapi.c
> index 8057c9f..c63836f 100644
> --- a/crypto/algapi.c
> +++ b/crypto/algapi.c
> @@ -44,12 +44,9 @@ static inline int crypto_set_driver_name(struct crypto_alg *alg)
>  
>  static inline void crypto_check_module_sig(struct module *mod)
>  {
> -#ifdef CONFIG_CRYPTO_FIPS
> -	if (fips_enabled && mod && !mod->sig_ok)
> +	if (fips_enabled && mod && !module_sig_ok(mod))
>  		panic("Module %s signature verification failed in FIPS mode\n",
>  		      mod->name);
> -#endif
> -	return;
>  }
>  
>  static int crypto_check_alg(struct crypto_alg *alg)
> diff --git a/include/linux/module.h b/include/linux/module.h
> index c883b86..1e54360 100644
> --- a/include/linux/module.h
> +++ b/include/linux/module.h
> @@ -655,4 +655,16 @@ static inline void module_bug_finalize(const Elf_Ehdr *hdr,
>  static inline void module_bug_cleanup(struct module *mod) {}
>  #endif	/* CONFIG_GENERIC_BUG */
>  
> +#ifdef CONFIG_MODULE_SIG
> +static inline bool module_sig_ok(struct module *module)
> +{
> +	return module->sig_ok;
> +}
> +#else	/* !CONFIG_MODULE_SIG */
> +static inline bool module_sig_ok(struct module *module)
> +{
> +	return true;
> +}
> +#endif	/* CONFIG_MODULE_SIG */
> +
>  #endif /* _LINUX_MODULE_H */
> -- 
> Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux