Message ID | 20240111094530.1893262-1-pvorel@suse.cz |
---|---|
State | Accepted |
Headers | show |
Series | [1/1] keyctl05: Add modprobe dns_resolver | expand |
Hi! > This avoids TCONF when module not loaded: > keyctl05.c:99: TCONF: kernel doesn't support key type 'dns_resolver' > > There is no way to trigger module loading automatically. I just checked the kernel add_key() syscall and indeed there is no way the sycall would load a module, all it does is to loop over already registered kernel key types. > Signed-off-by: Petr Vorel <pvorel@suse.cz> > --- > Hi, > > a candidate to merge before release (simple enough). > > I'll try to send a patchset for .modprobe_module before the release, but > I suppose we should merge it after the release anyway. That's why I > added this simple patch. And therefore I don't bother with 'modprobe -r', > neither with requiring modprobe (will be in .modprobe_module). Sounds like a plan. Let's go for this workaround before the release then. Reviewed-by: Cyril Hrubis <chrubis@suse.cz> > testcases/kernel/syscalls/keyctl/keyctl05.c | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > diff --git a/testcases/kernel/syscalls/keyctl/keyctl05.c b/testcases/kernel/syscalls/keyctl/keyctl05.c > index f0e09fe5d..a79a5763b 100644 > --- a/testcases/kernel/syscalls/keyctl/keyctl05.c > +++ b/testcases/kernel/syscalls/keyctl/keyctl05.c > @@ -34,6 +34,8 @@ > #include "tst_test.h" > #include "lapi/keyctl.h" > > +#define MODULE "dns_resolver" > + > /* > * A valid payload for the "asymmetric" key type. This is an x509 certificate > * in DER format, generated using: > @@ -193,6 +195,9 @@ static void test_update_setperm_race(void) > > static void setup(void) > { > + /* There is no way to trigger automatic dns_resolver module loading. */ > + tst_cmd((const char*[]){"modprobe", MODULE, NULL}, NULL, NULL, 0); > + > fips_enabled = tst_fips_enabled(); > } > > @@ -213,7 +218,7 @@ static void do_test(unsigned int i) > x509_cert, sizeof(x509_cert)); > break; > case 1: > - test_update_nonupdatable("dns_resolver", dns_res_payload, > + test_update_nonupdatable(MODULE, dns_res_payload, > sizeof(dns_res_payload)); > break; > case 2: > -- > 2.43.0 >
Hi Cyril, all, > Hi! > > This avoids TCONF when module not loaded: > > keyctl05.c:99: TCONF: kernel doesn't support key type 'dns_resolver' > > There is no way to trigger module loading automatically. > I just checked the kernel add_key() syscall and indeed there is no way > the sycall would load a module, all it does is to loop over already > registered kernel key types. Thanks for checking this! > > Signed-off-by: Petr Vorel <pvorel@suse.cz> > > --- > > Hi, > > a candidate to merge before release (simple enough). > > I'll try to send a patchset for .modprobe_module before the release, but > > I suppose we should merge it after the release anyway. That's why I > > added this simple patch. And therefore I don't bother with 'modprobe -r', > > neither with requiring modprobe (will be in .modprobe_module). > Sounds like a plan. Let's go for this workaround before the release > then. +1 > Reviewed-by: Cyril Hrubis <chrubis@suse.cz> Thanks, merged! Kind regards, Petr
diff --git a/testcases/kernel/syscalls/keyctl/keyctl05.c b/testcases/kernel/syscalls/keyctl/keyctl05.c index f0e09fe5d..a79a5763b 100644 --- a/testcases/kernel/syscalls/keyctl/keyctl05.c +++ b/testcases/kernel/syscalls/keyctl/keyctl05.c @@ -34,6 +34,8 @@ #include "tst_test.h" #include "lapi/keyctl.h" +#define MODULE "dns_resolver" + /* * A valid payload for the "asymmetric" key type. This is an x509 certificate * in DER format, generated using: @@ -193,6 +195,9 @@ static void test_update_setperm_race(void) static void setup(void) { + /* There is no way to trigger automatic dns_resolver module loading. */ + tst_cmd((const char*[]){"modprobe", MODULE, NULL}, NULL, NULL, 0); + fips_enabled = tst_fips_enabled(); } @@ -213,7 +218,7 @@ static void do_test(unsigned int i) x509_cert, sizeof(x509_cert)); break; case 1: - test_update_nonupdatable("dns_resolver", dns_res_payload, + test_update_nonupdatable(MODULE, dns_res_payload, sizeof(dns_res_payload)); break; case 2:
This avoids TCONF when module not loaded: keyctl05.c:99: TCONF: kernel doesn't support key type 'dns_resolver' There is no way to trigger module loading automatically. Signed-off-by: Petr Vorel <pvorel@suse.cz> --- Hi, a candidate to merge before release (simple enough). I'll try to send a patchset for .modprobe_module before the release, but I suppose we should merge it after the release anyway. That's why I added this simple patch. And therefore I don't bother with 'modprobe -r', neither with requiring modprobe (will be in .modprobe_module). Kind regards, Petr testcases/kernel/syscalls/keyctl/keyctl05.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)