[PATCH 6/7] KEYS: X.509: Flag Intermediate CA certs as built in

kernel test robot lkp at intel.com
Thu Apr 7 01:04:25 UTC 2022


Hi Eric,

Thank you for the patch! Perhaps something to improve:

[auto build test WARNING on 3123109284176b1532874591f7c81f3837bbdc17]

url:    https://github.com/intel-lab-lkp/linux/commits/Eric-Snowberg/Add-CA-enforcement-keyring-restrictions/20220407-003209
base:   3123109284176b1532874591f7c81f3837bbdc17
config: um-i386_defconfig (https://download.01.org/0day-ci/archive/20220407/202204070929.nFQNU3B8-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.2.0-19) 11.2.0
reproduce (this is a W=1 build):
        # https://github.com/intel-lab-lkp/linux/commit/b0858df3dd6d627f8fa75cc973f55516372a5c98
        git remote add linux-review https://github.com/intel-lab-lkp/linux
        git fetch --no-tags linux-review Eric-Snowberg/Add-CA-enforcement-keyring-restrictions/20220407-003209
        git checkout b0858df3dd6d627f8fa75cc973f55516372a5c98
        # save the config file to linux build tree
        mkdir build_dir
        make W=1 O=build_dir ARCH=um SUBARCH=i386 SHELL=/bin/bash

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp at intel.com>

All warnings (new ones prefixed by >>):

   In file included from fs/file_table.c:28:
>> include/linux/ima.h:189:56: warning: 'union key_payload' declared inside parameter list will not be visible outside of this definition or declaration
     189 |                                            const union key_payload *payload,
         |                                                        ^~~~~~~~~~~
>> include/linux/ima.h:188:57: warning: 'struct key_type' declared inside parameter list will not be visible outside of this definition or declaration
     188 |                                            const struct key_type *type,
         |                                                         ^~~~~~~~


vim +189 include/linux/ima.h

   179	
   180	#ifdef CONFIG_ASYMMETRIC_KEY_TYPE
   181	#ifdef CONFIG_SECONDARY_TRUSTED_KEYRING
   182	#define ima_validate_builtin_rot restrict_link_by_rot_builtin_and_secondary_trusted
   183	#else
   184	#define ima_validate_builtin_rot restrict_link_by_rot_builtin_trusted
   185	#endif
   186	#else
   187	static inline int ima_validate_builtin_rot(struct key *dest_keyring,
 > 188						   const struct key_type *type,
 > 189						   const union key_payload *payload,
   190						   struct key *unused){
   191		return -EPERM;
   192	}
   193	#endif
   194	

-- 
0-DAY CI Kernel Test Service
https://01.org/lkp



More information about the Linux-security-module-archive mailing list