diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2019-11-09 15:40:36 +0000 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2019-11-09 15:42:05 +0000 |
commit | bc181d00ed9ef851de6e570cf76cf198ea032266 (patch) | |
tree | 2d4b0a7125dbe81448db510e485ec99c66717839 | |
parent | c323c453b2485a33bfb33635a07f3a50bc1db1ee (diff) | |
download | kernel_replicant_linux-bc181d00ed9ef851de6e570cf76cf198ea032266.tar.gz kernel_replicant_linux-bc181d00ed9ef851de6e570cf76cf198ea032266.tar.bz2 kernel_replicant_linux-bc181d00ed9ef851de6e570cf76cf198ea032266.zip |
Fix context in "KEYS: Make use of platform keyring for module signature verify"
This patch had no space at the beginning of the context lines.
quilt/patch accepts "\t" at the beginning as equivalent to " \t", but
dpkg-source does not.
-rw-r--r-- | debian/patches/features/all/db-mok-keyring/KEYS-Make-use-of-platform-keyring-for-module-signature.patch | 18 |
1 files changed, 8 insertions, 10 deletions
diff --git a/debian/patches/features/all/db-mok-keyring/KEYS-Make-use-of-platform-keyring-for-module-signature.patch b/debian/patches/features/all/db-mok-keyring/KEYS-Make-use-of-platform-keyring-for-module-signature.patch index c36c12958672..f00bf3d243ae 100644 --- a/debian/patches/features/all/db-mok-keyring/KEYS-Make-use-of-platform-keyring-for-module-signature.patch +++ b/debian/patches/features/all/db-mok-keyring/KEYS-Make-use-of-platform-keyring-for-module-signature.patch @@ -19,14 +19,12 @@ Signed-off-by: Jeremy Cline <jcline@redhat.com> kernel/module_signing.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) -Index: debian-kernel/kernel/module_signing.c -=================================================================== ---- debian-kernel.orig/kernel/module_signing.c -+++ debian-kernel/kernel/module_signing.c +--- a/kernel/module_signing.c ++++ b/kernel/module_signing.c @@ -135,6 +135,13 @@ int mod_verify_sig(const void *mod, stru - VERIFYING_MODULE_SIGNATURE, - NULL, NULL); - pr_devel("verify_pkcs7_signature() = %d\n", ret); + VERIFYING_MODULE_SIGNATURE, + NULL, NULL); + pr_devel("verify_pkcs7_signature() = %d\n", ret); + if (ret == -ENOKEY && IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING)) { + ret = verify_pkcs7_signature(mod, modlen, mod + modlen, sig_len, + VERIFY_USE_PLATFORM_KEYRING, @@ -34,6 +32,6 @@ Index: debian-kernel/kernel/module_signing.c + NULL, NULL); + pr_devel("verify_pkcs7_signature() = %d\n", ret); + } - - /* checking hash of module is in blacklist */ - if (!ret) + + /* checking hash of module is in blacklist */ + if (!ret) |