diff mbox series

integrity: Remove references to module keyring

Message ID 20181213013909.25737-1-bauerman@linux.ibm.com (mailing list archive)
State New, archived
Headers show
Series integrity: Remove references to module keyring | expand

Commit Message

Thiago Jung Bauermann Dec. 13, 2018, 1:39 a.m. UTC 
From what I can tell, it has never been used.

Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
---
 security/integrity/digsig.c    | 1 -
 security/integrity/integrity.h | 5 ++---
 2 files changed, 2 insertions(+), 4 deletions(-)

Comments

James Morris Dec. 17, 2018, 7:33 p.m. UTC | #1 
On Wed, 12 Dec 2018, Thiago Jung Bauermann wrote:

> >From what I can tell, it has never been used.
> 
> Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>

Mimi, can I add your acked-by?


> ---
>  security/integrity/digsig.c    | 1 -
>  security/integrity/integrity.h | 5 ++---
>  2 files changed, 2 insertions(+), 4 deletions(-)
> 
> diff --git a/security/integrity/digsig.c b/security/integrity/digsig.c
> index c5585e75d5d9..1ff8eab7bc8c 100644
> --- a/security/integrity/digsig.c
> +++ b/security/integrity/digsig.c
> @@ -34,7 +34,6 @@ static const char * const keyring_name[INTEGRITY_KEYRING_MAX] = {
>  	".evm",
>  	".ima",
>  #endif
> -	"_module",
>  	".platform",
>  };
>  
> diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
> index aafa1266e3d5..26c415c3f879 100644
> --- a/security/integrity/integrity.h
> +++ b/security/integrity/integrity.h
> @@ -152,9 +152,8 @@ int integrity_kernel_read(struct file *file, loff_t offset,
>  
>  #define INTEGRITY_KEYRING_EVM		0
>  #define INTEGRITY_KEYRING_IMA		1
> -#define INTEGRITY_KEYRING_MODULE	2
> -#define INTEGRITY_KEYRING_PLATFORM	3
> -#define INTEGRITY_KEYRING_MAX		4
> +#define INTEGRITY_KEYRING_PLATFORM	2
> +#define INTEGRITY_KEYRING_MAX		3
>  
>  extern struct dentry *integrity_dir;
>  
>
Mimi Zohar Dec. 17, 2018, 8:03 p.m. UTC | #2 
On Tue, 2018-12-18 at 06:33 +1100, James Morris wrote:
> On Wed, 12 Dec 2018, Thiago Jung Bauermann wrote:
> 
> > >From what I can tell, it has never been used.

This was introduced prior to Rusty's decision to use appended
signatures for kernel modules.

> > 
> > Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
> 
> Mimi, can I add your acked-by?

Acked-by: Mimi Zohar <zohar@linux.ibm.com>

> 
> 
> > ---
> >  security/integrity/digsig.c    | 1 -
> >  security/integrity/integrity.h | 5 ++---
> >  2 files changed, 2 insertions(+), 4 deletions(-)
> > 
> > diff --git a/security/integrity/digsig.c b/security/integrity/digsig.c
> > index c5585e75d5d9..1ff8eab7bc8c 100644
> > --- a/security/integrity/digsig.c
> > +++ b/security/integrity/digsig.c
> > @@ -34,7 +34,6 @@ static const char * const keyring_name[INTEGRITY_KEYRING_MAX] = {
> >  	".evm",
> >  	".ima",
> >  #endif
> > -	"_module",
> >  	".platform",
> >  };
> >  
> > diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
> > index aafa1266e3d5..26c415c3f879 100644
> > --- a/security/integrity/integrity.h
> > +++ b/security/integrity/integrity.h
> > @@ -152,9 +152,8 @@ int integrity_kernel_read(struct file *file, loff_t offset,
> >  
> >  #define INTEGRITY_KEYRING_EVM		0
> >  #define INTEGRITY_KEYRING_IMA		1
> > -#define INTEGRITY_KEYRING_MODULE	2
> > -#define INTEGRITY_KEYRING_PLATFORM	3
> > -#define INTEGRITY_KEYRING_MAX		4
> > +#define INTEGRITY_KEYRING_PLATFORM	2
> > +#define INTEGRITY_KEYRING_MAX		3
> >  
> >  extern struct dentry *integrity_dir;
> >  
> > 
>
James Morris Dec. 17, 2018, 10:11 p.m. UTC | #3 
On Mon, 17 Dec 2018, Mimi Zohar wrote:

> On Tue, 2018-12-18 at 06:33 +1100, James Morris wrote:
> > On Wed, 12 Dec 2018, Thiago Jung Bauermann wrote:
> > 
> > > >From what I can tell, it has never been used.
> 
> This was introduced prior to Rusty's decision to use appended
> signatures for kernel modules.
> 
> > > 
> > > Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
> > 
> > Mimi, can I add your acked-by?
> 
> Acked-by: Mimi Zohar <zohar@linux.ibm.com>

Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-integrity
and next-testing
Thiago Jung Bauermann Dec. 17, 2018, 10:37 p.m. UTC | #4 
James Morris <jmorris@namei.org> writes:

> On Mon, 17 Dec 2018, Mimi Zohar wrote:
>
>> On Tue, 2018-12-18 at 06:33 +1100, James Morris wrote:
>> > On Wed, 12 Dec 2018, Thiago Jung Bauermann wrote:
>> > 
>> > > >From what I can tell, it has never been used.
>> 
>> This was introduced prior to Rusty's decision to use appended
>> signatures for kernel modules.
>> 
>> > > 
>> > > Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
>> > 
>> > Mimi, can I add your acked-by?
>> 
>> Acked-by: Mimi Zohar <zohar@linux.ibm.com>
>
> Applied to
> git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-integrity
> and next-testing

Thanks!
diff mbox series

Patch

diff --git a/security/integrity/digsig.c b/security/integrity/digsig.c
index c5585e75d5d9..1ff8eab7bc8c 100644
--- a/security/integrity/digsig.c
+++ b/security/integrity/digsig.c
@@ -34,7 +34,6 @@  static const char * const keyring_name[INTEGRITY_KEYRING_MAX] = {
 	".evm",
 	".ima",
 #endif
-	"_module",
 	".platform",
 };
 
diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
index aafa1266e3d5..26c415c3f879 100644
--- a/security/integrity/integrity.h
+++ b/security/integrity/integrity.h
@@ -152,9 +152,8 @@  int integrity_kernel_read(struct file *file, loff_t offset,
 
 #define INTEGRITY_KEYRING_EVM		0
 #define INTEGRITY_KEYRING_IMA		1
-#define INTEGRITY_KEYRING_MODULE	2
-#define INTEGRITY_KEYRING_PLATFORM	3
-#define INTEGRITY_KEYRING_MAX		4
+#define INTEGRITY_KEYRING_PLATFORM	2
+#define INTEGRITY_KEYRING_MAX		3
 
 extern struct dentry *integrity_dir;