From: Dave Jiang <dave.jiang@intel.com> To: Dan Williams <dan.j.williams@intel.com> Cc: "Schofield, Alison" <alison.schofield@intel.com>, Kees Cook <keescook@chromium.org>, linux-nvdimm <linux-nvdimm@lists.01.org>, ebiggers3@gmail.com, David Howells <dhowells@redhat.com>, keyrings@vger.kernel.org Subject: Re: [PATCH v8 04/12] keys: export lookup_user_key to external users Date: Fri, 21 Sep 2018 15:02:45 -0700 [thread overview] Message-ID: <94a8dece-9a06-3451-1610-ffa49cc8148a@intel.com> (raw) In-Reply-To: <CAPcyv4jO9-OrBvDNxN6hB4X6bPKnerqkdh812_LjScwe44mX2A@mail.gmail.com> On 09/21/2018 02:59 PM, Dan Williams wrote: > On Tue, Aug 28, 2018 at 3:47 PM Dave Jiang <dave.jiang@intel.com> wrote: >> >> Export lookup_user_key() symbol in order to allow nvdimm passphrase >> update to retrieve user injected keys. >> >> Signed-off-by: Dave Jiang <dave.jiang@intel.com> >> Cc: David Howells <dhowells@redhat.com> >> --- >> include/linux/key.h | 3 +++ >> security/keys/internal.h | 2 -- >> security/keys/process_keys.c | 1 + >> 3 files changed, 4 insertions(+), 2 deletions(-) >> >> diff --git a/include/linux/key.h b/include/linux/key.h >> index e58ee10f6e58..7099985e35a9 100644 >> --- a/include/linux/key.h >> +++ b/include/linux/key.h >> @@ -346,6 +346,9 @@ static inline key_serial_t key_serial(const struct key *key) >> >> extern void key_set_timeout(struct key *, unsigned); >> >> +extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags, >> + key_perm_t perm); >> + >> /* >> * The permissions required on a key that we're looking up. >> */ >> diff --git a/security/keys/internal.h b/security/keys/internal.h >> index 9f8208dc0e55..9968b21a76dd 100644 >> --- a/security/keys/internal.h >> +++ b/security/keys/internal.h >> @@ -158,8 +158,6 @@ extern struct key *request_key_and_link(struct key_type *type, >> >> extern bool lookup_user_key_possessed(const struct key *key, >> const struct key_match_data *match_data); >> -extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags, >> - key_perm_t perm); >> #define KEY_LOOKUP_CREATE 0x01 >> #define KEY_LOOKUP_PARTIAL 0x02 >> #define KEY_LOOKUP_FOR_UNLINK 0x04 >> diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c >> index d5b25e535d3a..ec4fd4531224 100644 >> --- a/security/keys/process_keys.c >> +++ b/security/keys/process_keys.c >> @@ -755,6 +755,7 @@ key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags, >> put_cred(ctx.cred); >> goto try_again; >> } >> +EXPORT_SYMBOL(lookup_user_key); > > This looks like a core api for affecting keyctl api internals, should > it be EXPORT_SYMBOL_GPL? Yes something I overlooked. > > At a minimum this needs David's ack. > David, can you please ACK? Thanks! _______________________________________________ Linux-nvdimm mailing list Linux-nvdimm@lists.01.org https://lists.01.org/mailman/listinfo/linux-nvdimm
WARNING: multiple messages have this Message-ID (diff)
From: Dave Jiang <dave.jiang@intel.com> To: Dan Williams <dan.j.williams@intel.com> Cc: "Schofield, Alison" <alison.schofield@intel.com>, Kees Cook <keescook@chromium.org>, linux-nvdimm <linux-nvdimm@lists.01.org>, ebiggers3@gmail.com, David Howells <dhowells@redhat.com>, keyrings@vger.kernel.org Subject: Re: [PATCH v8 04/12] keys: export lookup_user_key to external users Date: Fri, 21 Sep 2018 22:02:45 +0000 [thread overview] Message-ID: <94a8dece-9a06-3451-1610-ffa49cc8148a@intel.com> (raw) In-Reply-To: <CAPcyv4jO9-OrBvDNxN6hB4X6bPKnerqkdh812_LjScwe44mX2A@mail.gmail.com> On 09/21/2018 02:59 PM, Dan Williams wrote: > On Tue, Aug 28, 2018 at 3:47 PM Dave Jiang <dave.jiang@intel.com> wrote: >> >> Export lookup_user_key() symbol in order to allow nvdimm passphrase >> update to retrieve user injected keys. >> >> Signed-off-by: Dave Jiang <dave.jiang@intel.com> >> Cc: David Howells <dhowells@redhat.com> >> --- >> include/linux/key.h | 3 +++ >> security/keys/internal.h | 2 -- >> security/keys/process_keys.c | 1 + >> 3 files changed, 4 insertions(+), 2 deletions(-) >> >> diff --git a/include/linux/key.h b/include/linux/key.h >> index e58ee10f6e58..7099985e35a9 100644 >> --- a/include/linux/key.h >> +++ b/include/linux/key.h >> @@ -346,6 +346,9 @@ static inline key_serial_t key_serial(const struct key *key) >> >> extern void key_set_timeout(struct key *, unsigned); >> >> +extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags, >> + key_perm_t perm); >> + >> /* >> * The permissions required on a key that we're looking up. >> */ >> diff --git a/security/keys/internal.h b/security/keys/internal.h >> index 9f8208dc0e55..9968b21a76dd 100644 >> --- a/security/keys/internal.h >> +++ b/security/keys/internal.h >> @@ -158,8 +158,6 @@ extern struct key *request_key_and_link(struct key_type *type, >> >> extern bool lookup_user_key_possessed(const struct key *key, >> const struct key_match_data *match_data); >> -extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags, >> - key_perm_t perm); >> #define KEY_LOOKUP_CREATE 0x01 >> #define KEY_LOOKUP_PARTIAL 0x02 >> #define KEY_LOOKUP_FOR_UNLINK 0x04 >> diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c >> index d5b25e535d3a..ec4fd4531224 100644 >> --- a/security/keys/process_keys.c >> +++ b/security/keys/process_keys.c >> @@ -755,6 +755,7 @@ key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags, >> put_cred(ctx.cred); >> goto try_again; >> } >> +EXPORT_SYMBOL(lookup_user_key); > > This looks like a core api for affecting keyctl api internals, should > it be EXPORT_SYMBOL_GPL? Yes something I overlooked. > > At a minimum this needs David's ack. > David, can you please ACK? Thanks!
next prev parent reply other threads:[~2018-09-21 22:02 UTC|newest] Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-08-28 22:47 [PATCH v8 00/12] Adding security support for nvdimm Dave Jiang 2018-08-28 22:47 ` Dave Jiang 2018-08-28 22:47 ` [PATCH v8 01/12] nfit: add support for Intel DSM 1.7 commands Dave Jiang 2018-08-28 22:47 ` Dave Jiang 2018-08-28 22:47 ` [PATCH v8 02/12] libnvdimm: create keyring to store security keys Dave Jiang 2018-08-28 22:47 ` Dave Jiang 2018-09-22 0:19 ` Dan Williams 2018-09-22 0:19 ` Dan Williams 2018-09-24 21:04 ` David Howells 2018-09-24 21:04 ` David Howells 2018-09-24 21:12 ` Dave Jiang 2018-09-24 21:12 ` Dave Jiang 2018-08-28 22:47 ` [PATCH v8 03/12] nfit/libnvdimm: store dimm id as a member to struct nvdimm Dave Jiang 2018-08-28 22:47 ` Dave Jiang 2018-08-28 22:47 ` [PATCH v8 04/12] keys: export lookup_user_key to external users Dave Jiang 2018-08-28 22:47 ` Dave Jiang 2018-09-21 21:59 ` Dan Williams 2018-09-21 21:59 ` Dan Williams 2018-09-21 22:02 ` Dave Jiang [this message] 2018-09-21 22:02 ` Dave Jiang 2018-09-21 23:05 ` David Howells 2018-09-21 23:05 ` David Howells 2018-08-28 22:47 ` [PATCH v8 05/12] nfit/libnvdimm: add unlock of nvdimm support for Intel DIMMs Dave Jiang 2018-08-28 22:47 ` Dave Jiang 2018-09-23 0:10 ` Dan Williams 2018-09-23 0:10 ` Dan Williams 2018-08-28 22:47 ` [PATCH v8 06/12] nfit/libnvdimm: add set passphrase support for Intel nvdimms Dave Jiang 2018-08-28 22:47 ` [PATCH v8 07/12] nfit/libnvdimm: add disable passphrase support to Intel nvdimm Dave Jiang 2018-08-28 22:47 ` Dave Jiang 2018-08-28 22:48 ` [PATCH v8 08/12] nfit/libnvdimm: add freeze security " Dave Jiang 2018-08-28 22:48 ` Dave Jiang 2018-08-28 22:48 ` [PATCH v8 09/12] nfit/libnvdimm: add support for issue secure erase DSM " Dave Jiang 2018-08-28 22:48 ` Dave Jiang 2018-08-28 22:48 ` [PATCH v8 10/12] nfit_test: add context to dimm_dev for nfit_test Dave Jiang 2018-08-28 22:48 ` Dave Jiang 2018-08-28 22:48 ` [PATCH v8 11/12] nfit_test: add test support for Intel nvdimm security DSMs Dave Jiang 2018-08-28 22:48 ` Dave Jiang 2018-08-28 22:48 ` [PATCH v8 12/12] libnvdimm: add documentation for nvdimm security support Dave Jiang 2018-08-28 22:48 ` Dave Jiang 2018-09-21 23:07 ` [PATCH v8 02/12] libnvdimm: create keyring to store security keys David Howells 2018-09-21 23:07 ` David Howells 2018-09-21 23:20 ` [PATCH v8 05/12] nfit/libnvdimm: add unlock of nvdimm support for Intel DIMMs David Howells 2018-09-21 23:20 ` David Howells 2018-09-21 23:27 ` Dave Jiang 2018-09-21 23:27 ` Dave Jiang 2018-09-21 23:51 ` Dan Williams 2018-09-21 23:51 ` Dan Williams 2018-09-21 23:57 ` [PATCH v8 06/12] nfit/libnvdimm: add set passphrase support for Intel nvdimms David Howells 2018-09-21 23:57 ` David Howells 2018-09-22 0:25 ` Dave Jiang 2018-09-22 0:25 ` Dave Jiang 2018-09-22 1:26 ` Dan Williams 2018-09-22 1:26 ` Dan Williams 2018-09-22 0:01 ` [PATCH v8 04/12] keys: export lookup_user_key to external users David Howells 2018-09-22 0:01 ` David Howells 2018-09-24 21:02 ` [PATCH v8 02/12] libnvdimm: create keyring to store security keys David Howells 2018-09-24 21:02 ` David Howells 2018-09-24 21:15 ` Dave Jiang 2018-09-24 21:15 ` Dave Jiang
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=94a8dece-9a06-3451-1610-ffa49cc8148a@intel.com \ --to=dave.jiang@intel.com \ --cc=alison.schofield@intel.com \ --cc=dan.j.williams@intel.com \ --cc=dhowells@redhat.com \ --cc=ebiggers3@gmail.com \ --cc=keescook@chromium.org \ --cc=keyrings@vger.kernel.org \ --cc=linux-nvdimm@lists.01.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.