From 40b08cdac9ae0877dd39d2dcfe2f8c7c68c8ce59 Mon Sep 17 00:00:00 2001 From: Yannik Sembritzki Date: Thu, 16 Aug 2018 14:05:10 +0100 Subject: Replace magic for trusting the secondary keyring with #define commit 817aef260037f33ee0f44c17fe341323d3aebd6d upstream. Replace the use of a magic number that indicates that verify_*_signature() should use the secondary keyring with a symbol. Signed-off-by: Yannik Sembritzki Signed-off-by: David Howells Cc: keyrings@vger.kernel.org Cc: linux-security-module@vger.kernel.org Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman --- certs/system_keyring.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'certs') diff --git a/certs/system_keyring.c b/certs/system_keyring.c index 50979d6dcecd..247665054691 100644 --- a/certs/system_keyring.c +++ b/certs/system_keyring.c @@ -14,6 +14,7 @@ #include #include #include +#include #include #include #include @@ -207,7 +208,7 @@ int verify_pkcs7_signature(const void *data, size_t len, if (!trusted_keys) { trusted_keys = builtin_trusted_keys; - } else if (trusted_keys == (void *)1UL) { + } else if (trusted_keys == VERIFY_USE_SECONDARY_KEYRING) { #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING trusted_keys = secondary_trusted_keys; #else -- cgit v1.2.3