[PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

From: Eric Biggers <ebiggers@google.com>

KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
security/keys/ directory is only compiled if KEYS is enabled, so in
practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
unnecessary KEYS_COMPAT and just use COMPAT directly.

(Also remove an outdated comment from compat.c.)

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 security/keys/Kconfig    | 4 ----
 security/keys/Makefile   | 2 +-
 security/keys/compat.c   | 5 -----
 security/keys/internal.h | 4 ++--
 4 files changed, 3 insertions(+), 12 deletions(-)

diff --git a/security/keys/Kconfig b/security/keys/Kconfig
index 6462e6654ccf..e115d691d977 100644
--- a/security/keys/Kconfig
+++ b/security/keys/Kconfig
@@ -20,10 +20,6 @@ config KEYS
 
 	  If you are unsure as to whether this is required, answer N.
 
-config KEYS_COMPAT
-	def_bool y
-	depends on COMPAT && KEYS
-
 config PERSISTENT_KEYRINGS
 	bool "Enable register of persistent per-UID keyrings"
 	depends on KEYS
diff --git a/security/keys/Makefile b/security/keys/Makefile
index ef1581b337a3..b92ef62b99a1 100644
--- a/security/keys/Makefile
+++ b/security/keys/Makefile
@@ -17,7 +17,7 @@ obj-y := \
 	request_key_auth.o \
 	user_defined.o
 compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
-obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
+obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
 obj-$(CONFIG_PROC_FS) += proc.o
 obj-$(CONFIG_SYSCTL) += sysctl.o
 obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
diff --git a/security/keys/compat.c b/security/keys/compat.c
index e87c89c0177c..d7445946b701 100644
--- a/security/keys/compat.c
+++ b/security/keys/compat.c
@@ -50,11 +50,6 @@ static long compat_keyctl_instantiate_key_iov(
 
 /*
  * The key control system call, 32-bit compatibility version for 64-bit archs
- *
- * This should only be called if the 64-bit arch uses weird pointers in 32-bit
- * mode or doesn't guarantee that the top 32-bits of the argument registers on
- * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
- * directly.
  */
 COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
 		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
diff --git a/security/keys/internal.h b/security/keys/internal.h
index 9f8208dc0e55..6d54fa8baa64 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -272,7 +272,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
 			      size_t, struct keyctl_kdf_params __user *);
 extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
 				size_t, struct keyctl_kdf_params *);
-#ifdef CONFIG_KEYS_COMPAT
+#ifdef CONFIG_COMPAT
 extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
 				char __user *buffer, size_t buflen,
 				struct compat_keyctl_kdf_params __user *kdf);
@@ -287,7 +287,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
 	return -EOPNOTSUPP;
 }
 
-#ifdef CONFIG_KEYS_COMPAT
+#ifdef CONFIG_COMPAT
 static inline long compat_keyctl_dh_compute(
 				struct keyctl_dh_params __user *params,
 				char __user *buffer, size_t buflen,
-- 
2.16.0.rc0.223.g4a4ac83678-goog

[PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

From: Eric Biggers <ebiggers@google.com>

KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
security/keys/ directory is only compiled if KEYS is enabled, so in
practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
unnecessary KEYS_COMPAT and just use COMPAT directly.

(Also remove an outdated comment from compat.c.)

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 security/keys/Kconfig    | 4 ----
 security/keys/Makefile   | 2 +-
 security/keys/compat.c   | 5 -----
 security/keys/internal.h | 4 ++--
 4 files changed, 3 insertions(+), 12 deletions(-)

diff --git a/security/keys/Kconfig b/security/keys/Kconfig
index 6462e6654ccf..e115d691d977 100644
--- a/security/keys/Kconfig
+++ b/security/keys/Kconfig
@@ -20,10 +20,6 @@ config KEYS
 
 	  If you are unsure as to whether this is required, answer N.
 
-config KEYS_COMPAT
-	def_bool y
-	depends on COMPAT && KEYS
-
 config PERSISTENT_KEYRINGS
 	bool "Enable register of persistent per-UID keyrings"
 	depends on KEYS
diff --git a/security/keys/Makefile b/security/keys/Makefile
index ef1581b337a3..b92ef62b99a1 100644
--- a/security/keys/Makefile
+++ b/security/keys/Makefile
@@ -17,7 +17,7 @@ obj-y := \
 	request_key_auth.o \
 	user_defined.o
 compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
-obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
+obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
 obj-$(CONFIG_PROC_FS) += proc.o
 obj-$(CONFIG_SYSCTL) += sysctl.o
 obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
diff --git a/security/keys/compat.c b/security/keys/compat.c
index e87c89c0177c..d7445946b701 100644
--- a/security/keys/compat.c
+++ b/security/keys/compat.c
@@ -50,11 +50,6 @@ static long compat_keyctl_instantiate_key_iov(
 
 /*
  * The key control system call, 32-bit compatibility version for 64-bit archs
- *
- * This should only be called if the 64-bit arch uses weird pointers in 32-bit
- * mode or doesn't guarantee that the top 32-bits of the argument registers on
- * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
- * directly.
  */
 COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
 		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
diff --git a/security/keys/internal.h b/security/keys/internal.h
index 9f8208dc0e55..6d54fa8baa64 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -272,7 +272,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
 			      size_t, struct keyctl_kdf_params __user *);
 extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
 				size_t, struct keyctl_kdf_params *);
-#ifdef CONFIG_KEYS_COMPAT
+#ifdef CONFIG_COMPAT
 extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
 				char __user *buffer, size_t buflen,
 				struct compat_keyctl_kdf_params __user *kdf);
@@ -287,7 +287,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
 	return -EOPNOTSUPP;
 }
 
-#ifdef CONFIG_KEYS_COMPAT
+#ifdef CONFIG_COMPAT
 static inline long compat_keyctl_dh_compute(
 				struct keyctl_dh_params __user *params,
 				char __user *buffer, size_t buflen,
-- 
2.16.0.rc0.223.g4a4ac83678-goog

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

On Fri, Jan 05, 2018 at 11:19:47AM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
> 
> KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> security/keys/ directory is only compiled if KEYS is enabled, so in
> practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> unnecessary KEYS_COMPAT and just use COMPAT directly.
> 
> (Also remove an outdated comment from compat.c.)
> 
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
>  security/keys/Kconfig    | 4 ----
>  security/keys/Makefile   | 2 +-
>  security/keys/compat.c   | 5 -----
>  security/keys/internal.h | 4 ++--
>  4 files changed, 3 insertions(+), 12 deletions(-)
> 
> diff --git a/security/keys/Kconfig b/security/keys/Kconfig
> index 6462e6654ccf..e115d691d977 100644
> --- a/security/keys/Kconfig
> +++ b/security/keys/Kconfig
> @@ -20,10 +20,6 @@ config KEYS
>  
>  	  If you are unsure as to whether this is required, answer N.
>  
> -config KEYS_COMPAT
> -	def_bool y
> -	depends on COMPAT && KEYS
> -
>  config PERSISTENT_KEYRINGS
>  	bool "Enable register of persistent per-UID keyrings"
>  	depends on KEYS
> diff --git a/security/keys/Makefile b/security/keys/Makefile
> index ef1581b337a3..b92ef62b99a1 100644
> --- a/security/keys/Makefile
> +++ b/security/keys/Makefile
> @@ -17,7 +17,7 @@ obj-y := \
>  	request_key_auth.o \
>  	user_defined.o
>  compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
> -obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
> +obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
>  obj-$(CONFIG_PROC_FS) += proc.o
>  obj-$(CONFIG_SYSCTL) += sysctl.o
>  obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
> diff --git a/security/keys/compat.c b/security/keys/compat.c
> index e87c89c0177c..d7445946b701 100644
> --- a/security/keys/compat.c
> +++ b/security/keys/compat.c
> @@ -50,11 +50,6 @@ static long compat_keyctl_instantiate_key_iov(
>  
>  /*
>   * The key control system call, 32-bit compatibility version for 64-bit archs
> - *
> - * This should only be called if the 64-bit arch uses weird pointers in 32-bit
> - * mode or doesn't guarantee that the top 32-bits of the argument registers on
> - * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
> - * directly.
>   */
>  COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
>  		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
> diff --git a/security/keys/internal.h b/security/keys/internal.h
> index 9f8208dc0e55..6d54fa8baa64 100644
> --- a/security/keys/internal.h
> +++ b/security/keys/internal.h
> @@ -272,7 +272,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
>  			      size_t, struct keyctl_kdf_params __user *);
>  extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
>  				size_t, struct keyctl_kdf_params *);
> -#ifdef CONFIG_KEYS_COMPAT
> +#ifdef CONFIG_COMPAT
>  extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
>  				char __user *buffer, size_t buflen,
>  				struct compat_keyctl_kdf_params __user *kdf);
> @@ -287,7 +287,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
>  	return -EOPNOTSUPP;
>  }
>  
> -#ifdef CONFIG_KEYS_COMPAT
> +#ifdef CONFIG_COMPAT
>  static inline long compat_keyctl_dh_compute(
>  				struct keyctl_dh_params __user *params,
>  				char __user *buffer, size_t buflen,
> -- 
> 2.16.0.rc0.223.g4a4ac83678-goog
> 

Ping.  

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

On Fri, Jan 05, 2018 at 11:19:47AM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
> 
> KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> security/keys/ directory is only compiled if KEYS is enabled, so in
> practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> unnecessary KEYS_COMPAT and just use COMPAT directly.
> 
> (Also remove an outdated comment from compat.c.)
> 
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
>  security/keys/Kconfig    | 4 ----
>  security/keys/Makefile   | 2 +-
>  security/keys/compat.c   | 5 -----
>  security/keys/internal.h | 4 ++--
>  4 files changed, 3 insertions(+), 12 deletions(-)
> 
> diff --git a/security/keys/Kconfig b/security/keys/Kconfig
> index 6462e6654ccf..e115d691d977 100644
> --- a/security/keys/Kconfig
> +++ b/security/keys/Kconfig
> @@ -20,10 +20,6 @@ config KEYS
>  
>  	  If you are unsure as to whether this is required, answer N.
>  
> -config KEYS_COMPAT
> -	def_bool y
> -	depends on COMPAT && KEYS
> -
>  config PERSISTENT_KEYRINGS
>  	bool "Enable register of persistent per-UID keyrings"
>  	depends on KEYS
> diff --git a/security/keys/Makefile b/security/keys/Makefile
> index ef1581b337a3..b92ef62b99a1 100644
> --- a/security/keys/Makefile
> +++ b/security/keys/Makefile
> @@ -17,7 +17,7 @@ obj-y := \
>  	request_key_auth.o \
>  	user_defined.o
>  compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
> -obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
> +obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
>  obj-$(CONFIG_PROC_FS) += proc.o
>  obj-$(CONFIG_SYSCTL) += sysctl.o
>  obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
> diff --git a/security/keys/compat.c b/security/keys/compat.c
> index e87c89c0177c..d7445946b701 100644
> --- a/security/keys/compat.c
> +++ b/security/keys/compat.c
> @@ -50,11 +50,6 @@ static long compat_keyctl_instantiate_key_iov(
>  
>  /*
>   * The key control system call, 32-bit compatibility version for 64-bit archs
> - *
> - * This should only be called if the 64-bit arch uses weird pointers in 32-bit
> - * mode or doesn't guarantee that the top 32-bits of the argument registers on
> - * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
> - * directly.
>   */
>  COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
>  		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
> diff --git a/security/keys/internal.h b/security/keys/internal.h
> index 9f8208dc0e55..6d54fa8baa64 100644
> --- a/security/keys/internal.h
> +++ b/security/keys/internal.h
> @@ -272,7 +272,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
>  			      size_t, struct keyctl_kdf_params __user *);
>  extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
>  				size_t, struct keyctl_kdf_params *);
> -#ifdef CONFIG_KEYS_COMPAT
> +#ifdef CONFIG_COMPAT
>  extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
>  				char __user *buffer, size_t buflen,
>  				struct compat_keyctl_kdf_params __user *kdf);
> @@ -287,7 +287,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
>  	return -EOPNOTSUPP;
>  }
>  
> -#ifdef CONFIG_KEYS_COMPAT
> +#ifdef CONFIG_COMPAT
>  static inline long compat_keyctl_dh_compute(
>  				struct keyctl_dh_params __user *params,
>  				char __user *buffer, size_t buflen,
> -- 
> 2.16.0.rc0.223.g4a4ac83678-goog
> 

Ping.  

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

On Tue, Feb 20, 2018 at 11:41:44AM -0800, Eric Biggers wrote:
> On Fri, Jan 05, 2018 at 11:19:47AM -0800, Eric Biggers wrote:
> > From: Eric Biggers <ebiggers@google.com>
> > 
> > KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> > security/keys/ directory is only compiled if KEYS is enabled, so in
> > practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> > unnecessary KEYS_COMPAT and just use COMPAT directly.
> > 
> > (Also remove an outdated comment from compat.c.)
> > 
> > Signed-off-by: Eric Biggers <ebiggers@google.com>
> > ---
> >  security/keys/Kconfig    | 4 ----
> >  security/keys/Makefile   | 2 +-
> >  security/keys/compat.c   | 5 -----
> >  security/keys/internal.h | 4 ++--
> >  4 files changed, 3 insertions(+), 12 deletions(-)
> > 
> > diff --git a/security/keys/Kconfig b/security/keys/Kconfig
> > index 6462e6654ccf..e115d691d977 100644
> > --- a/security/keys/Kconfig
> > +++ b/security/keys/Kconfig
> > @@ -20,10 +20,6 @@ config KEYS
> >  
> >  	  If you are unsure as to whether this is required, answer N.
> >  
> > -config KEYS_COMPAT
> > -	def_bool y
> > -	depends on COMPAT && KEYS
> > -
> >  config PERSISTENT_KEYRINGS
> >  	bool "Enable register of persistent per-UID keyrings"
> >  	depends on KEYS
> > diff --git a/security/keys/Makefile b/security/keys/Makefile
> > index ef1581b337a3..b92ef62b99a1 100644
> > --- a/security/keys/Makefile
> > +++ b/security/keys/Makefile
> > @@ -17,7 +17,7 @@ obj-y := \
> >  	request_key_auth.o \
> >  	user_defined.o
> >  compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
> > -obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
> > +obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
> >  obj-$(CONFIG_PROC_FS) += proc.o
> >  obj-$(CONFIG_SYSCTL) += sysctl.o
> >  obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
> > diff --git a/security/keys/compat.c b/security/keys/compat.c
> > index e87c89c0177c..d7445946b701 100644
> > --- a/security/keys/compat.c
> > +++ b/security/keys/compat.c
> > @@ -50,11 +50,6 @@ static long compat_keyctl_instantiate_key_iov(
> >  
> >  /*
> >   * The key control system call, 32-bit compatibility version for 64-bit archs
> > - *
> > - * This should only be called if the 64-bit arch uses weird pointers in 32-bit
> > - * mode or doesn't guarantee that the top 32-bits of the argument registers on
> > - * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
> > - * directly.
> >   */
> >  COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
> >  		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
> > diff --git a/security/keys/internal.h b/security/keys/internal.h
> > index 9f8208dc0e55..6d54fa8baa64 100644
> > --- a/security/keys/internal.h
> > +++ b/security/keys/internal.h
> > @@ -272,7 +272,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
> >  			      size_t, struct keyctl_kdf_params __user *);
> >  extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
> >  				size_t, struct keyctl_kdf_params *);
> > -#ifdef CONFIG_KEYS_COMPAT
> > +#ifdef CONFIG_COMPAT
> >  extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
> >  				char __user *buffer, size_t buflen,
> >  				struct compat_keyctl_kdf_params __user *kdf);
> > @@ -287,7 +287,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
> >  	return -EOPNOTSUPP;
> >  }
> >  
> > -#ifdef CONFIG_KEYS_COMPAT
> > +#ifdef CONFIG_COMPAT
> >  static inline long compat_keyctl_dh_compute(
> >  				struct keyctl_dh_params __user *params,
> >  				char __user *buffer, size_t buflen,
> > -- 
> > 2.16.0.rc0.223.g4a4ac83678-goog
> > 
> 
> Ping.  

Ping.  David, are you ever planning to apply this?

- Eric

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

On Tue, Feb 20, 2018 at 11:41:44AM -0800, Eric Biggers wrote:
> On Fri, Jan 05, 2018 at 11:19:47AM -0800, Eric Biggers wrote:
> > From: Eric Biggers <ebiggers@google.com>
> > 
> > KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> > security/keys/ directory is only compiled if KEYS is enabled, so in
> > practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> > unnecessary KEYS_COMPAT and just use COMPAT directly.
> > 
> > (Also remove an outdated comment from compat.c.)
> > 
> > Signed-off-by: Eric Biggers <ebiggers@google.com>
> > ---
> >  security/keys/Kconfig    | 4 ----
> >  security/keys/Makefile   | 2 +-
> >  security/keys/compat.c   | 5 -----
> >  security/keys/internal.h | 4 ++--
> >  4 files changed, 3 insertions(+), 12 deletions(-)
> > 
> > diff --git a/security/keys/Kconfig b/security/keys/Kconfig
> > index 6462e6654ccf..e115d691d977 100644
> > --- a/security/keys/Kconfig
> > +++ b/security/keys/Kconfig
> > @@ -20,10 +20,6 @@ config KEYS
> >  
> >  	  If you are unsure as to whether this is required, answer N.
> >  
> > -config KEYS_COMPAT
> > -	def_bool y
> > -	depends on COMPAT && KEYS
> > -
> >  config PERSISTENT_KEYRINGS
> >  	bool "Enable register of persistent per-UID keyrings"
> >  	depends on KEYS
> > diff --git a/security/keys/Makefile b/security/keys/Makefile
> > index ef1581b337a3..b92ef62b99a1 100644
> > --- a/security/keys/Makefile
> > +++ b/security/keys/Makefile
> > @@ -17,7 +17,7 @@ obj-y := \
> >  	request_key_auth.o \
> >  	user_defined.o
> >  compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
> > -obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
> > +obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
> >  obj-$(CONFIG_PROC_FS) += proc.o
> >  obj-$(CONFIG_SYSCTL) += sysctl.o
> >  obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
> > diff --git a/security/keys/compat.c b/security/keys/compat.c
> > index e87c89c0177c..d7445946b701 100644
> > --- a/security/keys/compat.c
> > +++ b/security/keys/compat.c
> > @@ -50,11 +50,6 @@ static long compat_keyctl_instantiate_key_iov(
> >  
> >  /*
> >   * The key control system call, 32-bit compatibility version for 64-bit archs
> > - *
> > - * This should only be called if the 64-bit arch uses weird pointers in 32-bit
> > - * mode or doesn't guarantee that the top 32-bits of the argument registers on
> > - * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
> > - * directly.
> >   */
> >  COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
> >  		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
> > diff --git a/security/keys/internal.h b/security/keys/internal.h
> > index 9f8208dc0e55..6d54fa8baa64 100644
> > --- a/security/keys/internal.h
> > +++ b/security/keys/internal.h
> > @@ -272,7 +272,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
> >  			      size_t, struct keyctl_kdf_params __user *);
> >  extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
> >  				size_t, struct keyctl_kdf_params *);
> > -#ifdef CONFIG_KEYS_COMPAT
> > +#ifdef CONFIG_COMPAT
> >  extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
> >  				char __user *buffer, size_t buflen,
> >  				struct compat_keyctl_kdf_params __user *kdf);
> > @@ -287,7 +287,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
> >  	return -EOPNOTSUPP;
> >  }
> >  
> > -#ifdef CONFIG_KEYS_COMPAT
> > +#ifdef CONFIG_COMPAT
> >  static inline long compat_keyctl_dh_compute(
> >  				struct keyctl_dh_params __user *params,
> >  				char __user *buffer, size_t buflen,
> > -- 
> > 2.16.0.rc0.223.g4a4ac83678-goog
> > 
> 
> Ping.  

Ping.  David, are you ever planning to apply this?

- Eric

[PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

From: Eric Biggers <ebiggers@google.com>

KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
security/keys/ directory is only compiled if KEYS is enabled, so in
practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
unnecessary KEYS_COMPAT and just use COMPAT directly.

(Also remove an outdated comment from compat.c.)

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 security/keys/Kconfig    | 4 ----
 security/keys/Makefile   | 2 +-
 security/keys/compat.c   | 5 -----
 security/keys/internal.h | 4 ++--
 4 files changed, 3 insertions(+), 12 deletions(-)

diff --git a/security/keys/Kconfig b/security/keys/Kconfig
index 6462e6654ccf4..e115d691d9776 100644
--- a/security/keys/Kconfig
+++ b/security/keys/Kconfig
@@ -20,10 +20,6 @@ config KEYS
 
 	  If you are unsure as to whether this is required, answer N.
 
-config KEYS_COMPAT
-	def_bool y
-	depends on COMPAT && KEYS
-
 config PERSISTENT_KEYRINGS
 	bool "Enable register of persistent per-UID keyrings"
 	depends on KEYS
diff --git a/security/keys/Makefile b/security/keys/Makefile
index 9cef54064f608..c694458d9a46c 100644
--- a/security/keys/Makefile
+++ b/security/keys/Makefile
@@ -17,7 +17,7 @@ obj-y := \
 	request_key_auth.o \
 	user_defined.o
 compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
-obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
+obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
 obj-$(CONFIG_PROC_FS) += proc.o
 obj-$(CONFIG_SYSCTL) += sysctl.o
 obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
diff --git a/security/keys/compat.c b/security/keys/compat.c
index 9482df601dc33..f22527e88e3d5 100644
--- a/security/keys/compat.c
+++ b/security/keys/compat.c
@@ -50,11 +50,6 @@ static long compat_keyctl_instantiate_key_iov(
 
 /*
  * The key control system call, 32-bit compatibility version for 64-bit archs
- *
- * This should only be called if the 64-bit arch uses weird pointers in 32-bit
- * mode or doesn't guarantee that the top 32-bits of the argument registers on
- * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
- * directly.
  */
 COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
 		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
diff --git a/security/keys/internal.h b/security/keys/internal.h
index 74cb0ff42fedb..d1836e5d670cb 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -272,7 +272,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
 			      size_t, struct keyctl_kdf_params __user *);
 extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
 				size_t, struct keyctl_kdf_params *);
-#ifdef CONFIG_KEYS_COMPAT
+#ifdef CONFIG_COMPAT
 extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
 				char __user *buffer, size_t buflen,
 				struct compat_keyctl_kdf_params __user *kdf);
@@ -287,7 +287,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
 	return -EOPNOTSUPP;
 }
 
-#ifdef CONFIG_KEYS_COMPAT
+#ifdef CONFIG_COMPAT
 static inline long compat_keyctl_dh_compute(
 				struct keyctl_dh_params __user *params,
 				char __user *buffer, size_t buflen,
-- 
2.19.1.930.g4563a0d9d0-goog

[PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

From: Eric Biggers <ebiggers@google.com>

KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
security/keys/ directory is only compiled if KEYS is enabled, so in
practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
unnecessary KEYS_COMPAT and just use COMPAT directly.

(Also remove an outdated comment from compat.c.)

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 security/keys/Kconfig    | 4 ----
 security/keys/Makefile   | 2 +-
 security/keys/compat.c   | 5 -----
 security/keys/internal.h | 4 ++--
 4 files changed, 3 insertions(+), 12 deletions(-)

diff --git a/security/keys/Kconfig b/security/keys/Kconfig
index 6462e6654ccf4..e115d691d9776 100644
--- a/security/keys/Kconfig
+++ b/security/keys/Kconfig
@@ -20,10 +20,6 @@ config KEYS
 
 	  If you are unsure as to whether this is required, answer N.
 
-config KEYS_COMPAT
-	def_bool y
-	depends on COMPAT && KEYS
-
 config PERSISTENT_KEYRINGS
 	bool "Enable register of persistent per-UID keyrings"
 	depends on KEYS
diff --git a/security/keys/Makefile b/security/keys/Makefile
index 9cef54064f608..c694458d9a46c 100644
--- a/security/keys/Makefile
+++ b/security/keys/Makefile
@@ -17,7 +17,7 @@ obj-y := \
 	request_key_auth.o \
 	user_defined.o
 compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
-obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
+obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
 obj-$(CONFIG_PROC_FS) += proc.o
 obj-$(CONFIG_SYSCTL) += sysctl.o
 obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
diff --git a/security/keys/compat.c b/security/keys/compat.c
index 9482df601dc33..f22527e88e3d5 100644
--- a/security/keys/compat.c
+++ b/security/keys/compat.c
@@ -50,11 +50,6 @@ static long compat_keyctl_instantiate_key_iov(
 
 /*
  * The key control system call, 32-bit compatibility version for 64-bit archs
- *
- * This should only be called if the 64-bit arch uses weird pointers in 32-bit
- * mode or doesn't guarantee that the top 32-bits of the argument registers on
- * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
- * directly.
  */
 COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
 		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
diff --git a/security/keys/internal.h b/security/keys/internal.h
index 74cb0ff42fedb..d1836e5d670cb 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -272,7 +272,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
 			      size_t, struct keyctl_kdf_params __user *);
 extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
 				size_t, struct keyctl_kdf_params *);
-#ifdef CONFIG_KEYS_COMPAT
+#ifdef CONFIG_COMPAT
 extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
 				char __user *buffer, size_t buflen,
 				struct compat_keyctl_kdf_params __user *kdf);
@@ -287,7 +287,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
 	return -EOPNOTSUPP;
 }
 
-#ifdef CONFIG_KEYS_COMPAT
+#ifdef CONFIG_COMPAT
 static inline long compat_keyctl_dh_compute(
 				struct keyctl_dh_params __user *params,
 				char __user *buffer, size_t buflen,
-- 
2.19.1.930.g4563a0d9d0-goog

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

On Wed, Nov 14, 2018 at 04:52:38PM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
> 
> KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> security/keys/ directory is only compiled if KEYS is enabled, so in
> practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> unnecessary KEYS_COMPAT and just use COMPAT directly.
> 
> (Also remove an outdated comment from compat.c.)
> 
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
>  security/keys/Kconfig    | 4 ----
>  security/keys/Makefile   | 2 +-
>  security/keys/compat.c   | 5 -----
>  security/keys/internal.h | 4 ++--
>  4 files changed, 3 insertions(+), 12 deletions(-)
> 
> diff --git a/security/keys/Kconfig b/security/keys/Kconfig
> index 6462e6654ccf4..e115d691d9776 100644
> --- a/security/keys/Kconfig
> +++ b/security/keys/Kconfig
> @@ -20,10 +20,6 @@ config KEYS
>  
>  	  If you are unsure as to whether this is required, answer N.
>  
> -config KEYS_COMPAT
> -	def_bool y
> -	depends on COMPAT && KEYS
> -
>  config PERSISTENT_KEYRINGS
>  	bool "Enable register of persistent per-UID keyrings"
>  	depends on KEYS
> diff --git a/security/keys/Makefile b/security/keys/Makefile
> index 9cef54064f608..c694458d9a46c 100644
> --- a/security/keys/Makefile
> +++ b/security/keys/Makefile
> @@ -17,7 +17,7 @@ obj-y := \
>  	request_key_auth.o \
>  	user_defined.o
>  compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
> -obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
> +obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
>  obj-$(CONFIG_PROC_FS) += proc.o
>  obj-$(CONFIG_SYSCTL) += sysctl.o
>  obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
> diff --git a/security/keys/compat.c b/security/keys/compat.c
> index 9482df601dc33..f22527e88e3d5 100644
> --- a/security/keys/compat.c
> +++ b/security/keys/compat.c
> @@ -50,11 +50,6 @@ static long compat_keyctl_instantiate_key_iov(
>  
>  /*
>   * The key control system call, 32-bit compatibility version for 64-bit archs
> - *
> - * This should only be called if the 64-bit arch uses weird pointers in 32-bit
> - * mode or doesn't guarantee that the top 32-bits of the argument registers on
> - * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
> - * directly.
>   */
>  COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
>  		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
> diff --git a/security/keys/internal.h b/security/keys/internal.h
> index 74cb0ff42fedb..d1836e5d670cb 100644
> --- a/security/keys/internal.h
> +++ b/security/keys/internal.h
> @@ -272,7 +272,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
>  			      size_t, struct keyctl_kdf_params __user *);
>  extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
>  				size_t, struct keyctl_kdf_params *);
> -#ifdef CONFIG_KEYS_COMPAT
> +#ifdef CONFIG_COMPAT
>  extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
>  				char __user *buffer, size_t buflen,
>  				struct compat_keyctl_kdf_params __user *kdf);
> @@ -287,7 +287,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
>  	return -EOPNOTSUPP;
>  }
>  
> -#ifdef CONFIG_KEYS_COMPAT
> +#ifdef CONFIG_COMPAT
>  static inline long compat_keyctl_dh_compute(
>  				struct keyctl_dh_params __user *params,
>  				char __user *buffer, size_t buflen,
> -- 
> 2.19.1.930.g4563a0d9d0-goog
> 

Ping.

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

On Wed, Nov 14, 2018 at 04:52:38PM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
> 
> KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> security/keys/ directory is only compiled if KEYS is enabled, so in
> practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> unnecessary KEYS_COMPAT and just use COMPAT directly.
> 
> (Also remove an outdated comment from compat.c.)
> 
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
>  security/keys/Kconfig    | 4 ----
>  security/keys/Makefile   | 2 +-
>  security/keys/compat.c   | 5 -----
>  security/keys/internal.h | 4 ++--
>  4 files changed, 3 insertions(+), 12 deletions(-)
> 
> diff --git a/security/keys/Kconfig b/security/keys/Kconfig
> index 6462e6654ccf4..e115d691d9776 100644
> --- a/security/keys/Kconfig
> +++ b/security/keys/Kconfig
> @@ -20,10 +20,6 @@ config KEYS
>  
>  	  If you are unsure as to whether this is required, answer N.
>  
> -config KEYS_COMPAT
> -	def_bool y
> -	depends on COMPAT && KEYS
> -
>  config PERSISTENT_KEYRINGS
>  	bool "Enable register of persistent per-UID keyrings"
>  	depends on KEYS
> diff --git a/security/keys/Makefile b/security/keys/Makefile
> index 9cef54064f608..c694458d9a46c 100644
> --- a/security/keys/Makefile
> +++ b/security/keys/Makefile
> @@ -17,7 +17,7 @@ obj-y := \
>  	request_key_auth.o \
>  	user_defined.o
>  compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
> -obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
> +obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
>  obj-$(CONFIG_PROC_FS) += proc.o
>  obj-$(CONFIG_SYSCTL) += sysctl.o
>  obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
> diff --git a/security/keys/compat.c b/security/keys/compat.c
> index 9482df601dc33..f22527e88e3d5 100644
> --- a/security/keys/compat.c
> +++ b/security/keys/compat.c
> @@ -50,11 +50,6 @@ static long compat_keyctl_instantiate_key_iov(
>  
>  /*
>   * The key control system call, 32-bit compatibility version for 64-bit archs
> - *
> - * This should only be called if the 64-bit arch uses weird pointers in 32-bit
> - * mode or doesn't guarantee that the top 32-bits of the argument registers on
> - * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
> - * directly.
>   */
>  COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
>  		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
> diff --git a/security/keys/internal.h b/security/keys/internal.h
> index 74cb0ff42fedb..d1836e5d670cb 100644
> --- a/security/keys/internal.h
> +++ b/security/keys/internal.h
> @@ -272,7 +272,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
>  			      size_t, struct keyctl_kdf_params __user *);
>  extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
>  				size_t, struct keyctl_kdf_params *);
> -#ifdef CONFIG_KEYS_COMPAT
> +#ifdef CONFIG_COMPAT
>  extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
>  				char __user *buffer, size_t buflen,
>  				struct compat_keyctl_kdf_params __user *kdf);
> @@ -287,7 +287,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
>  	return -EOPNOTSUPP;
>  }
>  
> -#ifdef CONFIG_KEYS_COMPAT
> +#ifdef CONFIG_COMPAT
>  static inline long compat_keyctl_dh_compute(
>  				struct keyctl_dh_params __user *params,
>  				char __user *buffer, size_t buflen,
> -- 
> 2.19.1.930.g4563a0d9d0-goog
> 

Ping.

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

On Wed, Nov 14, 2018 at 04:52:38PM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
> 
> KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> security/keys/ directory is only compiled if KEYS is enabled, so in
> practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> unnecessary KEYS_COMPAT and just use COMPAT directly.
> 
> (Also remove an outdated comment from compat.c.)
> 
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
>  security/keys/Kconfig    | 4 ----
>  security/keys/Makefile   | 2 +-
>  security/keys/compat.c   | 5 -----
>  security/keys/internal.h | 4 ++--
>  4 files changed, 3 insertions(+), 12 deletions(-)
> 
> diff --git a/security/keys/Kconfig b/security/keys/Kconfig
> index 6462e6654ccf4..e115d691d9776 100644
> --- a/security/keys/Kconfig
> +++ b/security/keys/Kconfig
> @@ -20,10 +20,6 @@ config KEYS
>  
>  	  If you are unsure as to whether this is required, answer N.
>  
> -config KEYS_COMPAT
> -	def_bool y
> -	depends on COMPAT && KEYS
> -
>  config PERSISTENT_KEYRINGS
>  	bool "Enable register of persistent per-UID keyrings"
>  	depends on KEYS
> diff --git a/security/keys/Makefile b/security/keys/Makefile
> index 9cef54064f608..c694458d9a46c 100644
> --- a/security/keys/Makefile
> +++ b/security/keys/Makefile
> @@ -17,7 +17,7 @@ obj-y := \
>  	request_key_auth.o \
>  	user_defined.o
>  compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
> -obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
> +obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
>  obj-$(CONFIG_PROC_FS) += proc.o
>  obj-$(CONFIG_SYSCTL) += sysctl.o
>  obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
> diff --git a/security/keys/compat.c b/security/keys/compat.c
> index 9482df601dc33..f22527e88e3d5 100644
> --- a/security/keys/compat.c
> +++ b/security/keys/compat.c
> @@ -50,11 +50,6 @@ static long compat_keyctl_instantiate_key_iov(
>  
>  /*
>   * The key control system call, 32-bit compatibility version for 64-bit archs
> - *
> - * This should only be called if the 64-bit arch uses weird pointers in 32-bit
> - * mode or doesn't guarantee that the top 32-bits of the argument registers on
> - * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
> - * directly.
>   */
>  COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
>  		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
> diff --git a/security/keys/internal.h b/security/keys/internal.h
> index 74cb0ff42fedb..d1836e5d670cb 100644
> --- a/security/keys/internal.h
> +++ b/security/keys/internal.h
> @@ -272,7 +272,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
>  			      size_t, struct keyctl_kdf_params __user *);
>  extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
>  				size_t, struct keyctl_kdf_params *);
> -#ifdef CONFIG_KEYS_COMPAT
> +#ifdef CONFIG_COMPAT
>  extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
>  				char __user *buffer, size_t buflen,
>  				struct compat_keyctl_kdf_params __user *kdf);
> @@ -287,7 +287,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
>  	return -EOPNOTSUPP;
>  }
>  
> -#ifdef CONFIG_KEYS_COMPAT
> +#ifdef CONFIG_COMPAT
>  static inline long compat_keyctl_dh_compute(
>  				struct keyctl_dh_params __user *params,
>  				char __user *buffer, size_t buflen,
> -- 
> 2.19.1.930.g4563a0d9d0-goog
> 

Ping.  David, are you planning to apply this?

- Eric

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

On Wed, Nov 14, 2018 at 04:52:38PM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
> 
> KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> security/keys/ directory is only compiled if KEYS is enabled, so in
> practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> unnecessary KEYS_COMPAT and just use COMPAT directly.
> 
> (Also remove an outdated comment from compat.c.)
> 
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
>  security/keys/Kconfig    | 4 ----
>  security/keys/Makefile   | 2 +-
>  security/keys/compat.c   | 5 -----
>  security/keys/internal.h | 4 ++--
>  4 files changed, 3 insertions(+), 12 deletions(-)
> 
> diff --git a/security/keys/Kconfig b/security/keys/Kconfig
> index 6462e6654ccf4..e115d691d9776 100644
> --- a/security/keys/Kconfig
> +++ b/security/keys/Kconfig
> @@ -20,10 +20,6 @@ config KEYS
>  
>  	  If you are unsure as to whether this is required, answer N.
>  
> -config KEYS_COMPAT
> -	def_bool y
> -	depends on COMPAT && KEYS
> -
>  config PERSISTENT_KEYRINGS
>  	bool "Enable register of persistent per-UID keyrings"
>  	depends on KEYS
> diff --git a/security/keys/Makefile b/security/keys/Makefile
> index 9cef54064f608..c694458d9a46c 100644
> --- a/security/keys/Makefile
> +++ b/security/keys/Makefile
> @@ -17,7 +17,7 @@ obj-y := \
>  	request_key_auth.o \
>  	user_defined.o
>  compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
> -obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
> +obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
>  obj-$(CONFIG_PROC_FS) += proc.o
>  obj-$(CONFIG_SYSCTL) += sysctl.o
>  obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
> diff --git a/security/keys/compat.c b/security/keys/compat.c
> index 9482df601dc33..f22527e88e3d5 100644
> --- a/security/keys/compat.c
> +++ b/security/keys/compat.c
> @@ -50,11 +50,6 @@ static long compat_keyctl_instantiate_key_iov(
>  
>  /*
>   * The key control system call, 32-bit compatibility version for 64-bit archs
> - *
> - * This should only be called if the 64-bit arch uses weird pointers in 32-bit
> - * mode or doesn't guarantee that the top 32-bits of the argument registers on
> - * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
> - * directly.
>   */
>  COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
>  		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
> diff --git a/security/keys/internal.h b/security/keys/internal.h
> index 74cb0ff42fedb..d1836e5d670cb 100644
> --- a/security/keys/internal.h
> +++ b/security/keys/internal.h
> @@ -272,7 +272,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
>  			      size_t, struct keyctl_kdf_params __user *);
>  extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
>  				size_t, struct keyctl_kdf_params *);
> -#ifdef CONFIG_KEYS_COMPAT
> +#ifdef CONFIG_COMPAT
>  extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
>  				char __user *buffer, size_t buflen,
>  				struct compat_keyctl_kdf_params __user *kdf);
> @@ -287,7 +287,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
>  	return -EOPNOTSUPP;
>  }
>  
> -#ifdef CONFIG_KEYS_COMPAT
> +#ifdef CONFIG_COMPAT
>  static inline long compat_keyctl_dh_compute(
>  				struct keyctl_dh_params __user *params,
>  				char __user *buffer, size_t buflen,
> -- 
> 2.19.1.930.g4563a0d9d0-goog
> 

Ping.  David, are you planning to apply this?

- Eric

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

On Thu, Feb 07, 2019 at 03:35:49PM -0800, Eric Biggers wrote:
> On Wed, Nov 14, 2018 at 04:52:38PM -0800, Eric Biggers wrote:
> > From: Eric Biggers <ebiggers@google.com>
> > 
> > KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> > security/keys/ directory is only compiled if KEYS is enabled, so in
> > practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> > unnecessary KEYS_COMPAT and just use COMPAT directly.
> > 
> > (Also remove an outdated comment from compat.c.)
> > 
> > Signed-off-by: Eric Biggers <ebiggers@google.com>
> > ---
> >  security/keys/Kconfig    | 4 ----
> >  security/keys/Makefile   | 2 +-
> >  security/keys/compat.c   | 5 -----
> >  security/keys/internal.h | 4 ++--
> >  4 files changed, 3 insertions(+), 12 deletions(-)
> > 
> > diff --git a/security/keys/Kconfig b/security/keys/Kconfig
> > index 6462e6654ccf4..e115d691d9776 100644
> > --- a/security/keys/Kconfig
> > +++ b/security/keys/Kconfig
> > @@ -20,10 +20,6 @@ config KEYS
> >  
> >  	  If you are unsure as to whether this is required, answer N.
> >  
> > -config KEYS_COMPAT
> > -	def_bool y
> > -	depends on COMPAT && KEYS
> > -
> >  config PERSISTENT_KEYRINGS
> >  	bool "Enable register of persistent per-UID keyrings"
> >  	depends on KEYS
> > diff --git a/security/keys/Makefile b/security/keys/Makefile
> > index 9cef54064f608..c694458d9a46c 100644
> > --- a/security/keys/Makefile
> > +++ b/security/keys/Makefile
> > @@ -17,7 +17,7 @@ obj-y := \
> >  	request_key_auth.o \
> >  	user_defined.o
> >  compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
> > -obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
> > +obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
> >  obj-$(CONFIG_PROC_FS) += proc.o
> >  obj-$(CONFIG_SYSCTL) += sysctl.o
> >  obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
> > diff --git a/security/keys/compat.c b/security/keys/compat.c
> > index 9482df601dc33..f22527e88e3d5 100644
> > --- a/security/keys/compat.c
> > +++ b/security/keys/compat.c
> > @@ -50,11 +50,6 @@ static long compat_keyctl_instantiate_key_iov(
> >  
> >  /*
> >   * The key control system call, 32-bit compatibility version for 64-bit archs
> > - *
> > - * This should only be called if the 64-bit arch uses weird pointers in 32-bit
> > - * mode or doesn't guarantee that the top 32-bits of the argument registers on
> > - * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
> > - * directly.
> >   */
> >  COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
> >  		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
> > diff --git a/security/keys/internal.h b/security/keys/internal.h
> > index 74cb0ff42fedb..d1836e5d670cb 100644
> > --- a/security/keys/internal.h
> > +++ b/security/keys/internal.h
> > @@ -272,7 +272,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
> >  			      size_t, struct keyctl_kdf_params __user *);
> >  extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
> >  				size_t, struct keyctl_kdf_params *);
> > -#ifdef CONFIG_KEYS_COMPAT
> > +#ifdef CONFIG_COMPAT
> >  extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
> >  				char __user *buffer, size_t buflen,
> >  				struct compat_keyctl_kdf_params __user *kdf);
> > @@ -287,7 +287,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
> >  	return -EOPNOTSUPP;
> >  }
> >  
> > -#ifdef CONFIG_KEYS_COMPAT
> > +#ifdef CONFIG_COMPAT
> >  static inline long compat_keyctl_dh_compute(
> >  				struct keyctl_dh_params __user *params,
> >  				char __user *buffer, size_t buflen,
> > -- 
> > 2.19.1.930.g4563a0d9d0-goog
> > 
> 
> Ping.  David, are you planning to apply this?
> 
> - Eric

Ping.

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

On Thu, Feb 07, 2019 at 03:35:49PM -0800, Eric Biggers wrote:
> On Wed, Nov 14, 2018 at 04:52:38PM -0800, Eric Biggers wrote:
> > From: Eric Biggers <ebiggers@google.com>
> > 
> > KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> > security/keys/ directory is only compiled if KEYS is enabled, so in
> > practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> > unnecessary KEYS_COMPAT and just use COMPAT directly.
> > 
> > (Also remove an outdated comment from compat.c.)
> > 
> > Signed-off-by: Eric Biggers <ebiggers@google.com>
> > ---
> >  security/keys/Kconfig    | 4 ----
> >  security/keys/Makefile   | 2 +-
> >  security/keys/compat.c   | 5 -----
> >  security/keys/internal.h | 4 ++--
> >  4 files changed, 3 insertions(+), 12 deletions(-)
> > 
> > diff --git a/security/keys/Kconfig b/security/keys/Kconfig
> > index 6462e6654ccf4..e115d691d9776 100644
> > --- a/security/keys/Kconfig
> > +++ b/security/keys/Kconfig
> > @@ -20,10 +20,6 @@ config KEYS
> >  
> >  	  If you are unsure as to whether this is required, answer N.
> >  
> > -config KEYS_COMPAT
> > -	def_bool y
> > -	depends on COMPAT && KEYS
> > -
> >  config PERSISTENT_KEYRINGS
> >  	bool "Enable register of persistent per-UID keyrings"
> >  	depends on KEYS
> > diff --git a/security/keys/Makefile b/security/keys/Makefile
> > index 9cef54064f608..c694458d9a46c 100644
> > --- a/security/keys/Makefile
> > +++ b/security/keys/Makefile
> > @@ -17,7 +17,7 @@ obj-y := \
> >  	request_key_auth.o \
> >  	user_defined.o
> >  compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
> > -obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
> > +obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
> >  obj-$(CONFIG_PROC_FS) += proc.o
> >  obj-$(CONFIG_SYSCTL) += sysctl.o
> >  obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
> > diff --git a/security/keys/compat.c b/security/keys/compat.c
> > index 9482df601dc33..f22527e88e3d5 100644
> > --- a/security/keys/compat.c
> > +++ b/security/keys/compat.c
> > @@ -50,11 +50,6 @@ static long compat_keyctl_instantiate_key_iov(
> >  
> >  /*
> >   * The key control system call, 32-bit compatibility version for 64-bit archs
> > - *
> > - * This should only be called if the 64-bit arch uses weird pointers in 32-bit
> > - * mode or doesn't guarantee that the top 32-bits of the argument registers on
> > - * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
> > - * directly.
> >   */
> >  COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
> >  		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
> > diff --git a/security/keys/internal.h b/security/keys/internal.h
> > index 74cb0ff42fedb..d1836e5d670cb 100644
> > --- a/security/keys/internal.h
> > +++ b/security/keys/internal.h
> > @@ -272,7 +272,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
> >  			      size_t, struct keyctl_kdf_params __user *);
> >  extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
> >  				size_t, struct keyctl_kdf_params *);
> > -#ifdef CONFIG_KEYS_COMPAT
> > +#ifdef CONFIG_COMPAT
> >  extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
> >  				char __user *buffer, size_t buflen,
> >  				struct compat_keyctl_kdf_params __user *kdf);
> > @@ -287,7 +287,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
> >  	return -EOPNOTSUPP;
> >  }
> >  
> > -#ifdef CONFIG_KEYS_COMPAT
> > +#ifdef CONFIG_COMPAT
> >  static inline long compat_keyctl_dh_compute(
> >  				struct keyctl_dh_params __user *params,
> >  				char __user *buffer, size_t buflen,
> > -- 
> > 2.19.1.930.g4563a0d9d0-goog
> > 
> 
> Ping.  David, are you planning to apply this?
> 
> - Eric

Ping.

[PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

From: Eric Biggers <ebiggers@google.com>

KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
security/keys/ directory is only compiled if KEYS is enabled, so in
practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
unnecessary KEYS_COMPAT and just use COMPAT directly.

(Also remove an outdated comment from compat.c.)

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 security/keys/Kconfig    | 4 ----
 security/keys/Makefile   | 2 +-
 security/keys/compat.c   | 5 -----
 security/keys/internal.h | 4 ++--
 4 files changed, 3 insertions(+), 12 deletions(-)

diff --git a/security/keys/Kconfig b/security/keys/Kconfig
index ee502e4d390b8..5ac88f3f3f29c 100644
--- a/security/keys/Kconfig
+++ b/security/keys/Kconfig
@@ -21,10 +21,6 @@ config KEYS
 
 	  If you are unsure as to whether this is required, answer N.
 
-config KEYS_COMPAT
-	def_bool y
-	depends on COMPAT && KEYS
-
 config PERSISTENT_KEYRINGS
 	bool "Enable register of persistent per-UID keyrings"
 	depends on KEYS
diff --git a/security/keys/Makefile b/security/keys/Makefile
index 9cef54064f608..c694458d9a46c 100644
--- a/security/keys/Makefile
+++ b/security/keys/Makefile
@@ -17,7 +17,7 @@ obj-y := \
 	request_key_auth.o \
 	user_defined.o
 compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
-obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
+obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
 obj-$(CONFIG_PROC_FS) += proc.o
 obj-$(CONFIG_SYSCTL) += sysctl.o
 obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
diff --git a/security/keys/compat.c b/security/keys/compat.c
index 9482df601dc33..f22527e88e3d5 100644
--- a/security/keys/compat.c
+++ b/security/keys/compat.c
@@ -50,11 +50,6 @@ static long compat_keyctl_instantiate_key_iov(
 
 /*
  * The key control system call, 32-bit compatibility version for 64-bit archs
- *
- * This should only be called if the 64-bit arch uses weird pointers in 32-bit
- * mode or doesn't guarantee that the top 32-bits of the argument registers on
- * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
- * directly.
  */
 COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
 		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
diff --git a/security/keys/internal.h b/security/keys/internal.h
index 8f533c81aa8dd..c4df853218493 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -259,7 +259,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
 			      size_t, struct keyctl_kdf_params __user *);
 extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
 				size_t, struct keyctl_kdf_params *);
-#ifdef CONFIG_KEYS_COMPAT
+#ifdef CONFIG_COMPAT
 extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
 				char __user *buffer, size_t buflen,
 				struct compat_keyctl_kdf_params __user *kdf);
@@ -274,7 +274,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
 	return -EOPNOTSUPP;
 }
 
-#ifdef CONFIG_KEYS_COMPAT
+#ifdef CONFIG_COMPAT
 static inline long compat_keyctl_dh_compute(
 				struct keyctl_dh_params __user *params,
 				char __user *buffer, size_t buflen,
-- 
2.22.0.rc1.257.g3120a18244-goog

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[James Morris]

On Wed, 29 May 2019, Eric Biggers wrote:

> From: Eric Biggers <ebiggers@google.com>
> 
> KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> security/keys/ directory is only compiled if KEYS is enabled, so in
> practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> unnecessary KEYS_COMPAT and just use COMPAT directly.
> 
> (Also remove an outdated comment from compat.c.)
> 
> Signed-off-by: Eric Biggers <ebiggers@google.com>


Reviewed-by: James Morris <jamorris@linux.microsoft.com>


-- 
James Morris
<jmorris@namei.org>

[PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

From: Eric Biggers <ebiggers@google.com>

KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
security/keys/ directory is only compiled if KEYS is enabled, so in
practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
unnecessary KEYS_COMPAT and just use COMPAT directly.

(Also remove an outdated comment from compat.c.)

Reviewed-by: James Morris <jamorris@linux.microsoft.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 security/keys/Kconfig    | 4 ----
 security/keys/Makefile   | 2 +-
 security/keys/compat.c   | 5 -----
 security/keys/internal.h | 4 ++--
 4 files changed, 3 insertions(+), 12 deletions(-)

diff --git a/security/keys/Kconfig b/security/keys/Kconfig
index dd313438fecf..47c041563d41 100644
--- a/security/keys/Kconfig
+++ b/security/keys/Kconfig
@@ -21,10 +21,6 @@ config KEYS
 
 	  If you are unsure as to whether this is required, answer N.
 
-config KEYS_COMPAT
-	def_bool y
-	depends on COMPAT && KEYS
-
 config KEYS_REQUEST_CACHE
 	bool "Enable temporary caching of the last request_key() result"
 	depends on KEYS
diff --git a/security/keys/Makefile b/security/keys/Makefile
index 9cef54064f60..c694458d9a46 100644
--- a/security/keys/Makefile
+++ b/security/keys/Makefile
@@ -17,7 +17,7 @@ obj-y := \
 	request_key_auth.o \
 	user_defined.o
 compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
-obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
+obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
 obj-$(CONFIG_PROC_FS) += proc.o
 obj-$(CONFIG_SYSCTL) += sysctl.o
 obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
diff --git a/security/keys/compat.c b/security/keys/compat.c
index b0e59546e7bd..c25971de61a4 100644
--- a/security/keys/compat.c
+++ b/security/keys/compat.c
@@ -46,11 +46,6 @@ static long compat_keyctl_instantiate_key_iov(
 
 /*
  * The key control system call, 32-bit compatibility version for 64-bit archs
- *
- * This should only be called if the 64-bit arch uses weird pointers in 32-bit
- * mode or doesn't guarantee that the top 32-bits of the argument registers on
- * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
- * directly.
  */
 COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
 		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
diff --git a/security/keys/internal.h b/security/keys/internal.h
index e0c5bb8b1685..795c3fb5d51f 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -271,7 +271,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
 			      size_t, struct keyctl_kdf_params __user *);
 extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
 				size_t, struct keyctl_kdf_params *);
-#ifdef CONFIG_KEYS_COMPAT
+#ifdef CONFIG_COMPAT
 extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
 				char __user *buffer, size_t buflen,
 				struct compat_keyctl_kdf_params __user *kdf);
@@ -286,7 +286,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
 	return -EOPNOTSUPP;
 }
 
-#ifdef CONFIG_KEYS_COMPAT
+#ifdef CONFIG_COMPAT
 static inline long compat_keyctl_dh_compute(
 				struct keyctl_dh_params __user *params,
 				char __user *buffer, size_t buflen,
-- 
2.22.1

[PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

From: Eric Biggers <ebiggers@google.com>

KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
security/keys/ directory is only compiled if KEYS is enabled, so in
practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
unnecessary KEYS_COMPAT and just use COMPAT directly.

(Also remove an outdated comment from compat.c.)

Reviewed-by: James Morris <jamorris@linux.microsoft.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 security/keys/Kconfig    | 4 ----
 security/keys/Makefile   | 2 +-
 security/keys/compat.c   | 5 -----
 security/keys/internal.h | 4 ++--
 4 files changed, 3 insertions(+), 12 deletions(-)

diff --git a/security/keys/Kconfig b/security/keys/Kconfig
index dd313438fecf9..47c041563d41c 100644
--- a/security/keys/Kconfig
+++ b/security/keys/Kconfig
@@ -21,10 +21,6 @@ config KEYS
 
 	  If you are unsure as to whether this is required, answer N.
 
-config KEYS_COMPAT
-	def_bool y
-	depends on COMPAT && KEYS
-
 config KEYS_REQUEST_CACHE
 	bool "Enable temporary caching of the last request_key() result"
 	depends on KEYS
diff --git a/security/keys/Makefile b/security/keys/Makefile
index 9cef54064f608..c694458d9a46c 100644
--- a/security/keys/Makefile
+++ b/security/keys/Makefile
@@ -17,7 +17,7 @@ obj-y := \
 	request_key_auth.o \
 	user_defined.o
 compat-obj-$(CONFIG_KEY_DH_OPERATIONS) += compat_dh.o
-obj-$(CONFIG_KEYS_COMPAT) += compat.o $(compat-obj-y)
+obj-$(CONFIG_COMPAT) += compat.o $(compat-obj-y)
 obj-$(CONFIG_PROC_FS) += proc.o
 obj-$(CONFIG_SYSCTL) += sysctl.o
 obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
diff --git a/security/keys/compat.c b/security/keys/compat.c
index 9bcc404131aa0..b975f8f11124b 100644
--- a/security/keys/compat.c
+++ b/security/keys/compat.c
@@ -46,11 +46,6 @@ static long compat_keyctl_instantiate_key_iov(
 
 /*
  * The key control system call, 32-bit compatibility version for 64-bit archs
- *
- * This should only be called if the 64-bit arch uses weird pointers in 32-bit
- * mode or doesn't guarantee that the top 32-bits of the argument registers on
- * taking a 32-bit syscall are zero.  If you can, you should call sys_keyctl()
- * directly.
  */
 COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
 		       u32, arg2, u32, arg3, u32, arg4, u32, arg5)
diff --git a/security/keys/internal.h b/security/keys/internal.h
index c039373488bd9..ba3e2da14ceff 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -264,7 +264,7 @@ extern long keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
 			      size_t, struct keyctl_kdf_params __user *);
 extern long __keyctl_dh_compute(struct keyctl_dh_params __user *, char __user *,
 				size_t, struct keyctl_kdf_params *);
-#ifdef CONFIG_KEYS_COMPAT
+#ifdef CONFIG_COMPAT
 extern long compat_keyctl_dh_compute(struct keyctl_dh_params __user *params,
 				char __user *buffer, size_t buflen,
 				struct compat_keyctl_kdf_params __user *kdf);
@@ -279,7 +279,7 @@ static inline long keyctl_dh_compute(struct keyctl_dh_params __user *params,
 	return -EOPNOTSUPP;
 }
 
-#ifdef CONFIG_KEYS_COMPAT
+#ifdef CONFIG_COMPAT
 static inline long compat_keyctl_dh_compute(
 				struct keyctl_dh_params __user *params,
 				char __user *buffer, size_t buflen,
-- 
2.23.0.581.g78d2f28ef7-goog

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Jarkko Sakkinen]

On Wed, Oct 09, 2019 at 04:04:43PM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
> 
> KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> security/keys/ directory is only compiled if KEYS is enabled, so in
> practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> unnecessary KEYS_COMPAT and just use COMPAT directly.
> 
> (Also remove an outdated comment from compat.c.)
> 
> Reviewed-by: James Morris <jamorris@linux.microsoft.com>
> Signed-off-by: Eric Biggers <ebiggers@google.com>

Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

(aka compiling with the different combinations).

/Jarkko

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

On Mon, Oct 14, 2019 at 10:53:54PM +0300, Jarkko Sakkinen wrote:
> On Wed, Oct 09, 2019 at 04:04:43PM -0700, Eric Biggers wrote:
> > From: Eric Biggers <ebiggers@google.com>
> > 
> > KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> > security/keys/ directory is only compiled if KEYS is enabled, so in
> > practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> > unnecessary KEYS_COMPAT and just use COMPAT directly.
> > 
> > (Also remove an outdated comment from compat.c.)
> > 
> > Reviewed-by: James Morris <jamorris@linux.microsoft.com>
> > Signed-off-by: Eric Biggers <ebiggers@google.com>
> 
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> 
> (aka compiling with the different combinations).
> 
> /Jarkko

Ping.

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Jarkko Sakkinen]

On Mon, Nov 11, 2019 at 10:20:47AM -0800, Eric Biggers wrote:
> On Mon, Oct 14, 2019 at 10:53:54PM +0300, Jarkko Sakkinen wrote:
> > On Wed, Oct 09, 2019 at 04:04:43PM -0700, Eric Biggers wrote:
> > > From: Eric Biggers <ebiggers@google.com>
> > > 
> > > KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> > > security/keys/ directory is only compiled if KEYS is enabled, so in
> > > practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> > > unnecessary KEYS_COMPAT and just use COMPAT directly.
> > > 
> > > (Also remove an outdated comment from compat.c.)
> > > 
> > > Reviewed-by: James Morris <jamorris@linux.microsoft.com>
> > > Signed-off-by: Eric Biggers <ebiggers@google.com>
> > 
> > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > 
> > (aka compiling with the different combinations).
> > 
> > /Jarkko
> 
> Ping.

I can pick this up to my v5.5-rc2 PR (already sent one for rc1).

/Jarkko

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Eric Biggers]

On Tue, Nov 12, 2019 at 10:08:48PM +0200, Jarkko Sakkinen wrote:
> On Mon, Nov 11, 2019 at 10:20:47AM -0800, Eric Biggers wrote:
> > On Mon, Oct 14, 2019 at 10:53:54PM +0300, Jarkko Sakkinen wrote:
> > > On Wed, Oct 09, 2019 at 04:04:43PM -0700, Eric Biggers wrote:
> > > > From: Eric Biggers <ebiggers@google.com>
> > > > 
> > > > KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> > > > security/keys/ directory is only compiled if KEYS is enabled, so in
> > > > practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> > > > unnecessary KEYS_COMPAT and just use COMPAT directly.
> > > > 
> > > > (Also remove an outdated comment from compat.c.)
> > > > 
> > > > Reviewed-by: James Morris <jamorris@linux.microsoft.com>
> > > > Signed-off-by: Eric Biggers <ebiggers@google.com>
> > > 
> > > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > > Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > > 
> > > (aka compiling with the different combinations).
> > > 
> > > /Jarkko
> > 
> > Ping.
> 
> I can pick this up to my v5.5-rc2 PR (already sent one for rc1).
> 
> /Jarkko

Ping.

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Jarkko Sakkinen]

On Mon, Dec 09, 2019 at 12:18:42PM -0800, Eric Biggers wrote:
> On Tue, Nov 12, 2019 at 10:08:48PM +0200, Jarkko Sakkinen wrote:
> > On Mon, Nov 11, 2019 at 10:20:47AM -0800, Eric Biggers wrote:
> > > On Mon, Oct 14, 2019 at 10:53:54PM +0300, Jarkko Sakkinen wrote:
> > > > On Wed, Oct 09, 2019 at 04:04:43PM -0700, Eric Biggers wrote:
> > > > > From: Eric Biggers <ebiggers@google.com>
> > > > > 
> > > > > KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> > > > > security/keys/ directory is only compiled if KEYS is enabled, so in
> > > > > practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> > > > > unnecessary KEYS_COMPAT and just use COMPAT directly.
> > > > > 
> > > > > (Also remove an outdated comment from compat.c.)
> > > > > 
> > > > > Reviewed-by: James Morris <jamorris@linux.microsoft.com>
> > > > > Signed-off-by: Eric Biggers <ebiggers@google.com>
> > > > 
> > > > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > > > Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > > > 
> > > > (aka compiling with the different combinations).
> > > > 
> > > > /Jarkko
> > > 
> > > Ping.
> > 
> > I can pick this up to my v5.5-rc2 PR (already sent one for rc1).
> > 
> > /Jarkko
> 
> Ping.

rc1 was just out last Sunday so nothing could have happened to this
anyway. It is on my queue but we have to fix tpm_tis issues first.

/Jarkko

Re: [PATCH RESEND] KEYS: remove CONFIG_KEYS_COMPAT

[Jarkko Sakkinen]

On Mon, Oct 14, 2019 at 10:53:54PM +0300, Jarkko Sakkinen wrote:
> On Wed, Oct 09, 2019 at 04:04:43PM -0700, Eric Biggers wrote:
> > From: Eric Biggers <ebiggers@google.com>
> > 
> > KEYS_COMPAT now always takes the value of COMPAT && KEYS.  But the
> > security/keys/ directory is only compiled if KEYS is enabled, so in
> > practice KEYS_COMPAT is the same as COMPAT.  Therefore, remove the
> > unnecessary KEYS_COMPAT and just use COMPAT directly.
> > 
> > (Also remove an outdated comment from compat.c.)
> > 
> > Reviewed-by: James Morris <jamorris@linux.microsoft.com>
> > Signed-off-by: Eric Biggers <ebiggers@google.com>
> 
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> 
> (aka compiling with the different combinations).

I applied this to git://git.infradead.org/users/jjs/linux-tpmdd.git

/Jarkko