Hi Eric, Thank you for the patch! Perhaps something to improve: [auto build test WARNING on 3123109284176b1532874591f7c81f3837bbdc17] url: https://github.com/intel-lab-lkp/linux/commits/Eric-Snowberg/Add-CA-enforcement-keyring-restrictions/20220407-003209 base: 3123109284176b1532874591f7c81f3837bbdc17 config: riscv-randconfig-r042-20220406 (https://download.01.org/0day-ci/archive/20220407/202204070321.X7bLj3Ce-lkp@xxxxxxxxx/config) compiler: riscv64-linux-gcc (GCC) 11.2.0 reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # https://github.com/intel-lab-lkp/linux/commit/68d98a175d29032d888f3f5700c43cf771ef17d8 git remote add linux-review https://github.com/intel-lab-lkp/linux git fetch --no-tags linux-review Eric-Snowberg/Add-CA-enforcement-keyring-restrictions/20220407-003209 git checkout 68d98a175d29032d888f3f5700c43cf771ef17d8 # save the config file to linux build tree mkdir build_dir COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-11.2.0 make.cross O=build_dir ARCH=riscv SHELL=/bin/bash crypto/asymmetric_keys/ If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp@xxxxxxxxx> All warnings (new ones prefixed by >>): >> crypto/asymmetric_keys/restrict.c:111:5: warning: no previous prototype for 'restrict_link_by_rot_and_signature' [-Wmissing-prototypes] 111 | int restrict_link_by_rot_and_signature(struct key *dest_keyring, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ vim +/restrict_link_by_rot_and_signature +111 crypto/asymmetric_keys/restrict.c 110 > 111 int restrict_link_by_rot_and_signature(struct key *dest_keyring, 112 const struct key_type *type, 113 const union key_payload *payload, 114 struct key *trust_keyring) 115 { 116 const struct public_key_signature *sig; 117 struct key *key; 118 int ret; 119 120 if (!trust_keyring) 121 return -ENOKEY; 122 123 if (type != &key_type_asymmetric) 124 return -EOPNOTSUPP; 125 126 sig = payload->data[asym_auth]; 127 if (!sig) 128 return -ENOPKG; 129 if (!sig->auth_ids[0] && !sig->auth_ids[1] && !sig->auth_ids[2]) 130 return -ENOKEY; 131 132 if (ca_keyid && !asymmetric_key_id_partial(sig->auth_ids[1], ca_keyid)) 133 return -EPERM; 134 135 /* See if we have a key that signed this one. */ 136 key = find_asymmetric_key(trust_keyring, 137 sig->auth_ids[0], sig->auth_ids[1], 138 sig->auth_ids[2], false); 139 if (IS_ERR(key)) 140 return -ENOKEY; 141 142 if (!test_bit(KEY_FLAG_BUILTIN_ROT, &key->flags)) 143 ret = -ENOKEY; 144 else if (use_builtin_keys && !test_bit(KEY_FLAG_BUILTIN, &key->flags)) 145 ret = -ENOKEY; 146 else 147 ret = verify_signature(key, sig); 148 key_put(key); 149 return ret; 150 } 151 -- 0-DAY CI Kernel Test Service https://01.org/lkp
