From ee0b31a25a010116f44fca6c96f4516d417793dd Mon Sep 17 00:00:00 2001 From: Mimi Zohar Date: Tue, 17 Jan 2012 20:39:51 +0000 Subject: keys: fix trusted/encrypted keys sparse rcu_assign_pointer messages Define rcu_assign_keypointer(), which uses the key payload.rcudata instead of payload.data, to resolve the CONFIG_SPARSE_RCU_POINTER message: "incompatible types in comparison expression (different address spaces)" Replace the rcu_assign_pointer() calls in encrypted/trusted keys with rcu_assign_keypointer(). Signed-off-by: Mimi Zohar Signed-off-by: David Howells Signed-off-by: James Morris --- include/linux/key.h | 3 +++ 1 file changed, 3 insertions(+) (limited to 'include/linux') diff --git a/include/linux/key.h b/include/linux/key.h index 183a6af7715d..bfc014c57351 100644 --- a/include/linux/key.h +++ b/include/linux/key.h @@ -293,6 +293,9 @@ static inline bool key_is_instantiated(const struct key *key) (rcu_dereference_protected((KEY)->payload.rcudata, \ rwsem_is_locked(&((struct key *)(KEY))->sem))) +#define rcu_assign_keypointer(KEY, PAYLOAD) \ + (rcu_assign_pointer((KEY)->payload.rcudata, PAYLOAD)) + #ifdef CONFIG_SYSCTL extern ctl_table key_sysctls[]; #endif -- cgit v1.2.3 From 5e8898e97a5db4125d944070922164d1d09a2689 Mon Sep 17 00:00:00 2001 From: Dmitry Kasatkin Date: Tue, 17 Jan 2012 17:12:03 +0200 Subject: lib: digital signature config option name change It was reported that DIGSIG is confusing name for digital signature module. It was suggested to rename DIGSIG to SIGNATURE. Requested-by: Linus Torvalds Suggested-by: Pavel Machek Signed-off-by: Dmitry Kasatkin Signed-off-by: James Morris --- include/linux/digsig.h | 4 ++-- lib/Kconfig | 2 +- lib/Makefile | 2 +- security/integrity/Kconfig | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) (limited to 'include/linux') diff --git a/include/linux/digsig.h b/include/linux/digsig.h index efae755017d7..b01558b15814 100644 --- a/include/linux/digsig.h +++ b/include/linux/digsig.h @@ -46,7 +46,7 @@ struct signature_hdr { char mpi[0]; } __packed; -#if defined(CONFIG_DIGSIG) || defined(CONFIG_DIGSIG_MODULE) +#if defined(CONFIG_SIGNATURE) || defined(CONFIG_SIGNATURE_MODULE) int digsig_verify(struct key *keyring, const char *sig, int siglen, const char *digest, int digestlen); @@ -59,6 +59,6 @@ static inline int digsig_verify(struct key *keyring, const char *sig, return -EOPNOTSUPP; } -#endif /* CONFIG_DIGSIG */ +#endif /* CONFIG_SIGNATURE */ #endif /* _DIGSIG_H */ diff --git a/lib/Kconfig b/lib/Kconfig index 201e1b33d721..854735d96dc3 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -302,7 +302,7 @@ config MPILIB_EXTRA This code in unnecessary for RSA digital signature verification, and can be compiled if needed. -config DIGSIG +config SIGNATURE tristate "In-kernel signature checker" depends on KEYS select MPILIB diff --git a/lib/Makefile b/lib/Makefile index dace162c7e1c..d71aae1b01b3 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -119,7 +119,7 @@ obj-$(CONFIG_CORDIC) += cordic.o obj-$(CONFIG_DQL) += dynamic_queue_limits.o obj-$(CONFIG_MPILIB) += mpi/ -obj-$(CONFIG_DIGSIG) += digsig.o +obj-$(CONFIG_SIGNATURE) += digsig.o hostprogs-y := gen_crc32table clean-files := crc32table.h diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig index d384ea921482..ff60bf72881f 100644 --- a/security/integrity/Kconfig +++ b/security/integrity/Kconfig @@ -7,7 +7,7 @@ config INTEGRITY_DIGSIG boolean "Digital signature verification using multiple keyrings" depends on INTEGRITY && KEYS default n - select DIGSIG + select SIGNATURE help This option enables digital signature verification support using multiple keyrings. It defines separate keyrings for each -- cgit v1.2.3