| Message ID | 1446134370-11460-4-git-send-email-jarkko.sakkinen@linux.intel.com |
|---|---|
| State | New |
| Headers | show |
Hi Jarkko,
[auto build test ERROR on next-20151022 -- if it's inappropriate base, please suggest rules for selecting the more suitable base]
url: https://github.com/0day-ci/linux/commits/Jarkko-Sakkinen/TPM2-select-hash-algorithm-for-a-trusted-key/20151030-000439
config: x86_64-acpi-redef (attached as .config)
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64
All errors (new ones prefixed by >>):
security/built-in.o: In function `getoptions.isra.0':
>> trusted.c:(.text+0x6678): undefined reference to `hash_algo_name'
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
------------------------------------------------------------------------------
On Thu, 2015-10-29 at 17:59 +0200, Jarkko Sakkinen wrote: > Added 'hash=' option for selecting the hash algorithm for add_key() > syscall. > > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> > --- > security/keys/trusted.c | 20 +++++++++++++++++++- > 1 file changed, 19 insertions(+), 1 deletion(-) > > diff --git a/security/keys/trusted.c b/security/keys/trusted.c > index d3633cf..7a87bcd 100644 > --- a/security/keys/trusted.c > +++ b/security/keys/trusted.c > @@ -11,6 +11,7 @@ > * See Documentation/security/keys-trusted-encrypted.txt > */ > > +#include <crypto/hash_info.h> This introduces a Kconfig dependency on CRYPTO_HASH_INFO. Mimi > #include <linux/uaccess.h> > #include <linux/module.h> > #include <linux/init.h> > @@ -710,7 +711,8 @@ enum { > Opt_err = -1, > Opt_new, Opt_load, Opt_update, > Opt_keyhandle, Opt_keyauth, Opt_blobauth, > - Opt_pcrinfo, Opt_pcrlock, Opt_migratable > + Opt_pcrinfo, Opt_pcrlock, Opt_migratable, > + Opt_hash, > }; > > static const match_table_t key_tokens = { > @@ -723,6 +725,7 @@ static const match_table_t key_tokens = { > {Opt_pcrinfo, "pcrinfo=%s"}, > {Opt_pcrlock, "pcrlock=%s"}, > {Opt_migratable, "migratable=%s"}, > + {Opt_hash, "hash=%s"}, > {Opt_err, NULL} > }; > > @@ -736,6 +739,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay, > int res; > unsigned long handle; > unsigned long lock; > + int i; > > while ((p = strsep(&c, " \t"))) { > if (*p == '\0' || *p == ' ' || *p == '\t') > @@ -787,6 +791,20 @@ static int getoptions(char *c, struct trusted_key_payload *pay, > return -EINVAL; > opt->pcrlock = lock; > break; > + case Opt_hash: > + for (i = 0; i < HASH_ALGO__LAST; i++) { > + if (!strcmp(args[0].from, hash_algo_name[i])) { > + opt->hash = i; > + break; > + } > + } > + res = tpm_is_tpm2(TPM_ANY_NUM); > + if (res < 0) > + return res; > + if (i == HASH_ALGO__LAST || > + (!res && i != HASH_ALGO_SHA1)) > + return -EINVAL; > + break; > default: > return -EINVAL; > } ------------------------------------------------------------------------------
On Thu, Oct 29, 2015 at 03:37:20PM -0400, Mimi Zohar wrote: > On Thu, 2015-10-29 at 17:59 +0200, Jarkko Sakkinen wrote: > > Added 'hash=' option for selecting the hash algorithm for add_key() > > syscall. > > > > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> > > --- > > security/keys/trusted.c | 20 +++++++++++++++++++- > > 1 file changed, 19 insertions(+), 1 deletion(-) > > > > diff --git a/security/keys/trusted.c b/security/keys/trusted.c > > index d3633cf..7a87bcd 100644 > > --- a/security/keys/trusted.c > > +++ b/security/keys/trusted.c > > @@ -11,6 +11,7 @@ > > * See Documentation/security/keys-trusted-encrypted.txt > > */ > > > > +#include <crypto/hash_info.h> > > This introduces a Kconfig dependency on CRYPTO_HASH_INFO. Thanks. I'll add it. Got also build error from kbuild bot. I'll use that config to reproduce and fix this error. > Mimi /Jarkko ------------------------------------------------------------------------------
diff --git a/security/keys/trusted.c b/security/keys/trusted.c index d3633cf..7a87bcd 100644 --- a/security/keys/trusted.c +++ b/security/keys/trusted.c @@ -11,6 +11,7 @@ * See Documentation/security/keys-trusted-encrypted.txt */ +#include <crypto/hash_info.h> #include <linux/uaccess.h> #include <linux/module.h> #include <linux/init.h> @@ -710,7 +711,8 @@ enum { Opt_err = -1, Opt_new, Opt_load, Opt_update, Opt_keyhandle, Opt_keyauth, Opt_blobauth, - Opt_pcrinfo, Opt_pcrlock, Opt_migratable + Opt_pcrinfo, Opt_pcrlock, Opt_migratable, + Opt_hash, }; static const match_table_t key_tokens = { @@ -723,6 +725,7 @@ static const match_table_t key_tokens = { {Opt_pcrinfo, "pcrinfo=%s"}, {Opt_pcrlock, "pcrlock=%s"}, {Opt_migratable, "migratable=%s"}, + {Opt_hash, "hash=%s"}, {Opt_err, NULL} }; @@ -736,6 +739,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay, int res; unsigned long handle; unsigned long lock; + int i; while ((p = strsep(&c, " \t"))) { if (*p == '\0' || *p == ' ' || *p == '\t') @@ -787,6 +791,20 @@ static int getoptions(char *c, struct trusted_key_payload *pay, return -EINVAL; opt->pcrlock = lock; break; + case Opt_hash: + for (i = 0; i < HASH_ALGO__LAST; i++) { + if (!strcmp(args[0].from, hash_algo_name[i])) { + opt->hash = i; + break; + } + } + res = tpm_is_tpm2(TPM_ANY_NUM); + if (res < 0) + return res; + if (i == HASH_ALGO__LAST || + (!res && i != HASH_ALGO_SHA1)) + return -EINVAL; + break; default: return -EINVAL; }
Added 'hash=' option for selecting the hash algorithm for add_key() syscall. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> --- security/keys/trusted.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-)