[OpenAFS-devel] linux keyring handling
Christof Hanke
christof.hanke@rzg.mpg.de
Thu, 29 Aug 2013 16:26:55 +0200
On Thu, 29 Aug 2013 08:02:40 -0400
Marc Dionne <marc.c.dionne@gmail.com> wrote:
> On Thu, Aug 29, 2013 at 3:44 AM, Christof Hanke
> <christof.hanke@rzg.mpg.de> wrote:
> > Hello,
> >
> > we just had a problem with the kernels of SLES 11 SP3.
> > The keyrings wouldn't work and the pagsh would be apparently
> > work, but was ineffective. (That's why http://gerrit.openafs.org/#change,10179)
> >
> > The problem is that in linux/security/keys/key.c __key_instantiate_and_link() they make a decision upon
> > what's done for STRUCT_KEY_TYPE_HAS_PREPARSE in the cachemanager like this :
> >
> > /* instantiate the key */
> > if (key->type->instantiate)
> > ret = key->type->instantiate(key, prep->data, prep->datalen);
> > else if (key->type->instantiate_prep)
> > ret = key->type->instantiate_prep(key, prep);
> >
> >
> >
> > So, the question is :
> > is the member key->type->instantiate_prep present in any other Linux-kernels ?
>
> Hi Christof,
>
> Searching through Google suggests that instantiate_prep is a Suse
> specific change, which they probably did to minimize the impact on
> some out of tree code, theirs or their customers. The mainline kernel
> has never had an instantiate_prep key type op.
>
> > I have a patch in the srpm which applies only to the affected kernels.
> > However, I am a bit reluctant to add yet another ifdef to the cachemanager just for one flavour of kernel, which will
> > go away in a few years time anyway again.
> >
> > Is it ok to keep that patch distribution-local or should I push a generic patch (including configure test etc) ?
>
> Given that it's a major distribution, It's much better to add one more
> test and ifdef than to have someone carry a local patch that other
> users will not be aware of, IMO. The configure test can be a
> one-liner with AC_CHECK_LINUX_STRUCT.
>
Hi Marc,
thanks for the reply, I have now uploaded this test to gerrit.
Christof