Message ID | 20230809195315.1085656-4-nayna@linux.ibm.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | Enable loading local and third party keys on PowerVM guest | expand |
On Wed Aug 9, 2023 at 10:53 PM EEST, Nayna Jain wrote: > trust_mok variable is accessed within a single function locally. > > Change trust_mok from global to local static variable. > > Signed-off-by: Nayna Jain <nayna@linux.ibm.com> > Reviewed-and-tested-by: Mimi Zohar <zohar@linux.ibm.com> > --- > security/integrity/platform_certs/machine_keyring.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/security/integrity/platform_certs/machine_keyring.c b/security/integrity/platform_certs/machine_keyring.c > index 389a6e7c9245..9482e16cb2ca 100644 > --- a/security/integrity/platform_certs/machine_keyring.c > +++ b/security/integrity/platform_certs/machine_keyring.c > @@ -8,8 +8,6 @@ > #include <linux/efi.h> > #include "../integrity.h" > > -static bool trust_mok; > - > static __init int machine_keyring_init(void) > { > int rc; > @@ -65,9 +63,11 @@ static __init bool uefi_check_trust_mok_keys(void) > bool __init trust_moklist(void) > { > static bool initialized; > + static bool trust_mok; > > if (!initialized) { > initialized = true; > + trust_mok = false; > > if (uefi_check_trust_mok_keys()) > trust_mok = true; Nice catch. Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> BR, Jarkko
diff --git a/security/integrity/platform_certs/machine_keyring.c b/security/integrity/platform_certs/machine_keyring.c index 389a6e7c9245..9482e16cb2ca 100644 --- a/security/integrity/platform_certs/machine_keyring.c +++ b/security/integrity/platform_certs/machine_keyring.c @@ -8,8 +8,6 @@ #include <linux/efi.h> #include "../integrity.h" -static bool trust_mok; - static __init int machine_keyring_init(void) { int rc; @@ -65,9 +63,11 @@ static __init bool uefi_check_trust_mok_keys(void) bool __init trust_moklist(void) { static bool initialized; + static bool trust_mok; if (!initialized) { initialized = true; + trust_mok = false; if (uefi_check_trust_mok_keys()) trust_mok = true;
trust_mok variable is accessed within a single function locally. Change trust_mok from global to local static variable. Signed-off-by: Nayna Jain <nayna@linux.ibm.com> Reviewed-and-tested-by: Mimi Zohar <zohar@linux.ibm.com> --- security/integrity/platform_certs/machine_keyring.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)