Hi all, After merging the keys tree, today's linux-next build (x86_64 allmodconfig) failed like this: In file included from include/linux/cred.h:13, from security/integrity/ima/ima_mok.c:12: security/integrity/ima/ima_mok.c: In function 'ima_mok_init': include/linux/key.h:292:29: warning: passing argument 7 of 'keyring_alloc' makes pointer from integer without a cast [-Wint-conversion] 292 | #define KEY_ALLOC_SET_KEEP 0x0020 /* Set the KEEP flag on the key/keyring */ | ^~~~~~ | | | int security/integrity/ima/ima_mok.c:42:5: note: in expansion of macro 'KEY_ALLOC_SET_KEEP' 42 | KEY_ALLOC_SET_KEEP, | ^~~~~~~~~~~~~~~~~~ include/linux/key.h:410:30: note: expected 'struct key_restriction *' but argument is of type 'int' 410 | struct key_restriction *restrict_link, | ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~ security/integrity/ima/ima_mok.c:43:5: error: passing argument 8 of 'keyring_alloc' from incompatible pointer type [-Werror=incompatible-pointer-types] 43 | restriction, NULL); | ^~~~~~~~~~~ | | | struct key_restriction * In file included from include/linux/cred.h:13, from security/integrity/ima/ima_mok.c:12: include/linux/key.h:411:18: note: expected 'struct key *' but argument is of type 'struct key_restriction *' 411 | struct key *dest); | ~~~~~~~~~~~~^~~~ security/integrity/ima/ima_mok.c:36:26: error: too many arguments to function 'keyring_alloc' 36 | ima_blacklist_keyring = keyring_alloc(".ima_blacklist", | ^~~~~~~~~~~~~ In file included from include/linux/cred.h:13, from security/integrity/ima/ima_mok.c:12: include/linux/key.h:406:20: note: declared here 406 | extern struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid, | ^~~~~~~~~~~~~ Caused by commit 33c36b2053de ("certs: Fix blacklist flag type confusion") I have applied the following fix patch for today: From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx> Date: Fri, 11 Dec 2020 15:46:09 +1100 Subject: [PATCH] fixup for "certs: Fix blacklist flag type confusion" Signed-off-by: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx> --- security/integrity/ima/ima_mok.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/security/integrity/ima/ima_mok.c b/security/integrity/ima/ima_mok.c index ce8871d96f12..5594dd38ab04 100644 --- a/security/integrity/ima/ima_mok.c +++ b/security/integrity/ima/ima_mok.c @@ -38,8 +38,7 @@ __init int ima_mok_init(void) (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW | KEY_USR_READ | KEY_USR_WRITE | KEY_USR_SEARCH, - KEY_ALLOC_NOT_IN_QUOTA, - KEY_ALLOC_SET_KEEP, + KEY_ALLOC_NOT_IN_QUOTA | KEY_ALLOC_SET_KEEP, restriction, NULL); if (IS_ERR(ima_blacklist_keyring)) -- 2.29.2 -- Cheers, Stephen Rothwell
Attachment:
pgpDEhE8TteY4.pgp
Description: OpenPGP digital signature