On Fri, Sep 07, 2018 at 12:32:48PM +0200, Yannik Sembritzki wrote:
> I've never backported a linux patch before; so I'm not sure if this is
> the right format.
> However, this cleanly applies to the linux-4.9.y branch.
> This is a backport of commit 817aef260037f33ee0f44c17fe341323d3aebd6d.
>
> ----------------------------
> Signed-off-by: Yannik Sembritzki <yannik@xxxxxxxxxxxxx>
> Cc: stable@xxxxxxxxxxxxxxx
> ---
> certs/system_keyring.c | 3 ++-
> crypto/asymmetric_keys/pkcs7_key_type.c | 2 +-
> include/linux/verification.h | 6 ++++++
> 3 files changed, 9 insertions(+), 2 deletions(-)
>
> --- a/certs/system_keyring.c
> +++ b/certs/system_keyring.c
> @@ -15,5 +15,6 @@
> #include <linux/cred.h>
> #include <linux/err.h>
> +#include <linux/verification.h>
> #include <keys/asymmetric-type.h>
> #include <keys/system_keyring.h>
> #include <crypto/pkcs7.h>
> @@ -230,7 +231,7 @@ int verify_pkcs7_signature(const void *d
>
> if (!trusted_keys) {
> trusted_keys = builtin_trusted_keys;
> - } else if (trusted_keys == (void *)1UL) {
> + } else if (trusted_keys == VERIFY_USE_SECONDARY_KEYRING) {
> #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING
> trusted_keys = secondary_trusted_keys;
> #else
> --- a/crypto/asymmetric_keys/pkcs7_key_type.c
> +++ b/crypto/asymmetric_keys/pkcs7_key_type.c
> @@ -63,7 +63,7 @@ static int pkcs7_preparse(struct key_pre
>
> return verify_pkcs7_signature(NULL, 0,
> prep->data, prep->datalen,
> - (void *)1UL, usage,
> + VERIFY_USE_SECONDARY_KEYRING, usage,
> pkcs7_view_content, prep);
> }
>
> --- a/include/linux/verification.h
> +++ b/include/linux/verification.h
> @@ -13,6 +13,12 @@
> #define _LINUX_VERIFICATION_H
>
> /*
> + * Indicate that both builtin trusted keys and secondary trusted keys
> + * should be used.
> + */
> +#define VERIFY_USE_SECONDARY_KEYRING ((struct key *)1UL)
> +
> +/*
> * The use to which an asymmetric key is being put.
> */
> enum key_being_used_for {
The patch is whitespace damaged and can not be applied :(
Care to fix that up and resend it?
thanks,
greg k-h
