From: Dave Jiang <dave.jiang@intel.com>
To: Dan Williams <dan.j.williams@intel.com>
Cc: "Schofield, Alison" <alison.schofield@intel.com>,
Kees Cook <keescook@chromium.org>,
linux-nvdimm <linux-nvdimm@lists.01.org>,
ebiggers3@gmail.com, David Howells <dhowells@redhat.com>,
keyrings@vger.kernel.org
Subject: Re: [PATCH v8 04/12] keys: export lookup_user_key to external users
Date: Fri, 21 Sep 2018 15:02:45 -0700 [thread overview]
Message-ID: <94a8dece-9a06-3451-1610-ffa49cc8148a@intel.com> (raw)
In-Reply-To: <CAPcyv4jO9-OrBvDNxN6hB4X6bPKnerqkdh812_LjScwe44mX2A@mail.gmail.com>
On 09/21/2018 02:59 PM, Dan Williams wrote:
> On Tue, Aug 28, 2018 at 3:47 PM Dave Jiang <dave.jiang@intel.com> wrote:
>>
>> Export lookup_user_key() symbol in order to allow nvdimm passphrase
>> update to retrieve user injected keys.
>>
>> Signed-off-by: Dave Jiang <dave.jiang@intel.com>
>> Cc: David Howells <dhowells@redhat.com>
>> ---
>> include/linux/key.h | 3 +++
>> security/keys/internal.h | 2 --
>> security/keys/process_keys.c | 1 +
>> 3 files changed, 4 insertions(+), 2 deletions(-)
>>
>> diff --git a/include/linux/key.h b/include/linux/key.h
>> index e58ee10f6e58..7099985e35a9 100644
>> --- a/include/linux/key.h
>> +++ b/include/linux/key.h
>> @@ -346,6 +346,9 @@ static inline key_serial_t key_serial(const struct key *key)
>>
>> extern void key_set_timeout(struct key *, unsigned);
>>
>> +extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags,
>> + key_perm_t perm);
>> +
>> /*
>> * The permissions required on a key that we're looking up.
>> */
>> diff --git a/security/keys/internal.h b/security/keys/internal.h
>> index 9f8208dc0e55..9968b21a76dd 100644
>> --- a/security/keys/internal.h
>> +++ b/security/keys/internal.h
>> @@ -158,8 +158,6 @@ extern struct key *request_key_and_link(struct key_type *type,
>>
>> extern bool lookup_user_key_possessed(const struct key *key,
>> const struct key_match_data *match_data);
>> -extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags,
>> - key_perm_t perm);
>> #define KEY_LOOKUP_CREATE 0x01
>> #define KEY_LOOKUP_PARTIAL 0x02
>> #define KEY_LOOKUP_FOR_UNLINK 0x04
>> diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
>> index d5b25e535d3a..ec4fd4531224 100644
>> --- a/security/keys/process_keys.c
>> +++ b/security/keys/process_keys.c
>> @@ -755,6 +755,7 @@ key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
>> put_cred(ctx.cred);
>> goto try_again;
>> }
>> +EXPORT_SYMBOL(lookup_user_key);
>
> This looks like a core api for affecting keyctl api internals, should
> it be EXPORT_SYMBOL_GPL?
Yes something I overlooked.
>
> At a minimum this needs David's ack.
>
David, can you please ACK? Thanks!
_______________________________________________
Linux-nvdimm mailing list
Linux-nvdimm@lists.01.org
https://lists.01.org/mailman/listinfo/linux-nvdimm
WARNING: multiple messages have this Message-ID (diff)
From: Dave Jiang <dave.jiang@intel.com>
To: Dan Williams <dan.j.williams@intel.com>
Cc: "Schofield, Alison" <alison.schofield@intel.com>,
Kees Cook <keescook@chromium.org>,
linux-nvdimm <linux-nvdimm@lists.01.org>,
ebiggers3@gmail.com, David Howells <dhowells@redhat.com>,
keyrings@vger.kernel.org
Subject: Re: [PATCH v8 04/12] keys: export lookup_user_key to external users
Date: Fri, 21 Sep 2018 22:02:45 +0000 [thread overview]
Message-ID: <94a8dece-9a06-3451-1610-ffa49cc8148a@intel.com> (raw)
In-Reply-To: <CAPcyv4jO9-OrBvDNxN6hB4X6bPKnerqkdh812_LjScwe44mX2A@mail.gmail.com>
On 09/21/2018 02:59 PM, Dan Williams wrote:
> On Tue, Aug 28, 2018 at 3:47 PM Dave Jiang <dave.jiang@intel.com> wrote:
>>
>> Export lookup_user_key() symbol in order to allow nvdimm passphrase
>> update to retrieve user injected keys.
>>
>> Signed-off-by: Dave Jiang <dave.jiang@intel.com>
>> Cc: David Howells <dhowells@redhat.com>
>> ---
>> include/linux/key.h | 3 +++
>> security/keys/internal.h | 2 --
>> security/keys/process_keys.c | 1 +
>> 3 files changed, 4 insertions(+), 2 deletions(-)
>>
>> diff --git a/include/linux/key.h b/include/linux/key.h
>> index e58ee10f6e58..7099985e35a9 100644
>> --- a/include/linux/key.h
>> +++ b/include/linux/key.h
>> @@ -346,6 +346,9 @@ static inline key_serial_t key_serial(const struct key *key)
>>
>> extern void key_set_timeout(struct key *, unsigned);
>>
>> +extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags,
>> + key_perm_t perm);
>> +
>> /*
>> * The permissions required on a key that we're looking up.
>> */
>> diff --git a/security/keys/internal.h b/security/keys/internal.h
>> index 9f8208dc0e55..9968b21a76dd 100644
>> --- a/security/keys/internal.h
>> +++ b/security/keys/internal.h
>> @@ -158,8 +158,6 @@ extern struct key *request_key_and_link(struct key_type *type,
>>
>> extern bool lookup_user_key_possessed(const struct key *key,
>> const struct key_match_data *match_data);
>> -extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags,
>> - key_perm_t perm);
>> #define KEY_LOOKUP_CREATE 0x01
>> #define KEY_LOOKUP_PARTIAL 0x02
>> #define KEY_LOOKUP_FOR_UNLINK 0x04
>> diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
>> index d5b25e535d3a..ec4fd4531224 100644
>> --- a/security/keys/process_keys.c
>> +++ b/security/keys/process_keys.c
>> @@ -755,6 +755,7 @@ key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags,
>> put_cred(ctx.cred);
>> goto try_again;
>> }
>> +EXPORT_SYMBOL(lookup_user_key);
>
> This looks like a core api for affecting keyctl api internals, should
> it be EXPORT_SYMBOL_GPL?
Yes something I overlooked.
>
> At a minimum this needs David's ack.
>
David, can you please ACK? Thanks!
next prev parent reply other threads:[~2018-09-21 22:02 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-08-28 22:47 [PATCH v8 00/12] Adding security support for nvdimm Dave Jiang
2018-08-28 22:47 ` Dave Jiang
2018-08-28 22:47 ` [PATCH v8 01/12] nfit: add support for Intel DSM 1.7 commands Dave Jiang
2018-08-28 22:47 ` Dave Jiang
2018-08-28 22:47 ` [PATCH v8 02/12] libnvdimm: create keyring to store security keys Dave Jiang
2018-08-28 22:47 ` Dave Jiang
2018-09-22 0:19 ` Dan Williams
2018-09-22 0:19 ` Dan Williams
2018-09-24 21:04 ` David Howells
2018-09-24 21:04 ` David Howells
2018-09-24 21:12 ` Dave Jiang
2018-09-24 21:12 ` Dave Jiang
2018-08-28 22:47 ` [PATCH v8 03/12] nfit/libnvdimm: store dimm id as a member to struct nvdimm Dave Jiang
2018-08-28 22:47 ` Dave Jiang
2018-08-28 22:47 ` [PATCH v8 04/12] keys: export lookup_user_key to external users Dave Jiang
2018-08-28 22:47 ` Dave Jiang
2018-09-21 21:59 ` Dan Williams
2018-09-21 21:59 ` Dan Williams
2018-09-21 22:02 ` Dave Jiang [this message]
2018-09-21 22:02 ` Dave Jiang
2018-09-21 23:05 ` David Howells
2018-09-21 23:05 ` David Howells
2018-08-28 22:47 ` [PATCH v8 05/12] nfit/libnvdimm: add unlock of nvdimm support for Intel DIMMs Dave Jiang
2018-08-28 22:47 ` Dave Jiang
2018-09-23 0:10 ` Dan Williams
2018-09-23 0:10 ` Dan Williams
2018-08-28 22:47 ` [PATCH v8 06/12] nfit/libnvdimm: add set passphrase support for Intel nvdimms Dave Jiang
2018-08-28 22:47 ` [PATCH v8 07/12] nfit/libnvdimm: add disable passphrase support to Intel nvdimm Dave Jiang
2018-08-28 22:47 ` Dave Jiang
2018-08-28 22:48 ` [PATCH v8 08/12] nfit/libnvdimm: add freeze security " Dave Jiang
2018-08-28 22:48 ` Dave Jiang
2018-08-28 22:48 ` [PATCH v8 09/12] nfit/libnvdimm: add support for issue secure erase DSM " Dave Jiang
2018-08-28 22:48 ` Dave Jiang
2018-08-28 22:48 ` [PATCH v8 10/12] nfit_test: add context to dimm_dev for nfit_test Dave Jiang
2018-08-28 22:48 ` Dave Jiang
2018-08-28 22:48 ` [PATCH v8 11/12] nfit_test: add test support for Intel nvdimm security DSMs Dave Jiang
2018-08-28 22:48 ` Dave Jiang
2018-08-28 22:48 ` [PATCH v8 12/12] libnvdimm: add documentation for nvdimm security support Dave Jiang
2018-08-28 22:48 ` Dave Jiang
2018-09-21 23:07 ` [PATCH v8 02/12] libnvdimm: create keyring to store security keys David Howells
2018-09-21 23:07 ` David Howells
2018-09-21 23:20 ` [PATCH v8 05/12] nfit/libnvdimm: add unlock of nvdimm support for Intel DIMMs David Howells
2018-09-21 23:20 ` David Howells
2018-09-21 23:27 ` Dave Jiang
2018-09-21 23:27 ` Dave Jiang
2018-09-21 23:51 ` Dan Williams
2018-09-21 23:51 ` Dan Williams
2018-09-21 23:57 ` [PATCH v8 06/12] nfit/libnvdimm: add set passphrase support for Intel nvdimms David Howells
2018-09-21 23:57 ` David Howells
2018-09-22 0:25 ` Dave Jiang
2018-09-22 0:25 ` Dave Jiang
2018-09-22 1:26 ` Dan Williams
2018-09-22 1:26 ` Dan Williams
2018-09-22 0:01 ` [PATCH v8 04/12] keys: export lookup_user_key to external users David Howells
2018-09-22 0:01 ` David Howells
2018-09-24 21:02 ` [PATCH v8 02/12] libnvdimm: create keyring to store security keys David Howells
2018-09-24 21:02 ` David Howells
2018-09-24 21:15 ` Dave Jiang
2018-09-24 21:15 ` Dave Jiang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=94a8dece-9a06-3451-1610-ffa49cc8148a@intel.com \
--to=dave.jiang@intel.com \
--cc=alison.schofield@intel.com \
--cc=dan.j.williams@intel.com \
--cc=dhowells@redhat.com \
--cc=ebiggers3@gmail.com \
--cc=keescook@chromium.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-nvdimm@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.