[OpenAFS-devel] linux keyring handling

[Marc Dionne]

On Thu, Aug 29, 2013 at 3:44 AM, Christof Hanke
<christof.hanke@rzg.mpg.de> wrote:
> Hello,
>
> we just had a problem with the kernels of SLES 11 SP3.
> The keyrings wouldn't work and the pagsh would be apparently
> work, but was ineffective. (That's why http://gerrit.openafs.org/#change,10179)
>
> The problem is that in linux/security/keys/key.c __key_instantiate_and_link() they make a decision upon
> what's done for STRUCT_KEY_TYPE_HAS_PREPARSE in the cachemanager like this :
>
>                 /* instantiate the key */
>                 if (key->type->instantiate)
>                         ret = key->type->instantiate(key, prep->data, prep->datalen);
>                 else if (key->type->instantiate_prep)
>                         ret = key->type->instantiate_prep(key, prep);
>
>
>
> So, the question is :
> is the member key->type->instantiate_prep present in any other Linux-kernels ?

Hi Christof,

Searching through Google suggests that instantiate_prep is a Suse
specific change, which they probably did to minimize the impact on
some out of tree code, theirs or their customers.  The mainline kernel
has never had an instantiate_prep key type op.

> I have a patch in the srpm which applies only to the affected kernels.
> However, I am a bit reluctant to add yet another ifdef to the cachemanager just for one flavour  of kernel, which will
> go away in a few years time anyway again.
>
> Is it ok to keep that patch distribution-local or should I push a generic patch (including configure test etc) ?

Given that it's a major distribution, It's much better to add one more
test and ifdef than to have someone carry a local patch that other
users will not be aware of, IMO.  The configure test can be a
one-liner with AC_CHECK_LINUX_STRUCT.

Marc