From patchwork Wed Oct 19 08:23:07 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg KH X-Patchwork-Id: 4580 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp205818wrs; Wed, 19 Oct 2022 01:50:44 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4oKIt6bFp5lyyrUXMusndzqKcBf4sGEnLCqxyzaqyKoSFvzVcgkb1lXP8hWj4yb12YGIXp X-Received: by 2002:a05:6a00:705:b0:562:b9e1:d0e8 with SMTP id 5-20020a056a00070500b00562b9e1d0e8mr7649786pfl.0.1666169443737; Wed, 19 Oct 2022 01:50:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666169443; cv=none; d=google.com; s=arc-20160816; b=PREMfZheeQWTfo1Zr3aOBym2ve/js66VjTvrHtJlntZMqBU+DkMqMpWrctT4q1CMRM xLuwvHAwisVXf/+N5Qa54gmWHSN+tDc1VLp+4Oa8DteWNqhUqpV1+y7HraLjyYVAi5Wx sgCLmAhbr+iRBSIVJR+AB7ugG6EEm4kZsU5ch2oxFfm5Q3Ub9fFr9O/35ZMGp5pSA35h +iyujN9rO1IHzPwlJAcghmX26umxBMP7wzCCpiHaZbLXkMZaqyYMmv6BU+sdujvBIYnC /+MpFqLFTA/ObccPMxXdejg7LkI2cQff+SAKMW80544sf5sP5ATBNMhS3k5kz4xyIeag JEPw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=EuDUQlE6ZVmuNyYupMJyJkZrmtusfCOd3BcjAC9SHv8=; b=qeMD46urF7wtLg2E7fRXdCBy2kMHH7MJe7gHVhNFoQpmkPD8a+ZgpRaiRaW06GdGTG /M0TsAASHRzyeZ/oqrD0TW8AGfYBgImHnp1e5qkTbgeLQNdh3aV+im8cCgq1eCUnK+3T Wxae+ttqhCeP+wPtlyMltjM2Ozq1sSPJ2egQjEOsBecTtySwStUXrVf1oSYLSu6VSvRk LoOTTRu4maNLN2nsxMZ5eeU2vt/vXFsNZQq0e3AESxxrFoDctz9grIhkVC76n+uYF+Wk R6qa2+ZDyD6d7TLU0o+UTh8NIiDzPuqM0UDMMOqsCqyNJKeWKnePagdFk1yv12qNU7ax 1xuQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=UvAAavH7; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id p9-20020a056a000b4900b00562617987a1si17217731pfo.264.2022.10.19.01.50.30; Wed, 19 Oct 2022 01:50:43 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=UvAAavH7; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231600AbiJSIss (ORCPT + 99 others); Wed, 19 Oct 2022 04:48:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45972 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231534AbiJSIsG (ORCPT ); Wed, 19 Oct 2022 04:48:06 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F070A14003; Wed, 19 Oct 2022 01:46:03 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 107FEB822DE; Wed, 19 Oct 2022 08:42:11 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5EBB5C433C1; Wed, 19 Oct 2022 08:42:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1666168929; bh=qab0Rnt+T/tqzgVYqDfBj7DaAjjs/8A7KfmD14WqWuM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=UvAAavH7mSafJB4pIj6FAcuAh7BHWaLSoJ1Ux3uSMpI/zRkyRwRPLrADTUz7ERZsb m17vWpthamZkcQZ3MISS6GBOIMzM0xABIom9uT3aM64oqwhE3lbcJkX5WD2OV9MyIN xR0Om9/w9gJtt2j6iEpbVM40gUGtWB/D8cac3ecw= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Jae Hoon Kim , Matthias Kaehlcke , Kees Cook Subject: [PATCH 6.0 100/862] LoadPin: Fix Kconfig doc about format of file with verity digests Date: Wed, 19 Oct 2022 10:23:07 +0200 Message-Id: <20221019083254.328176929@linuxfoundation.org> X-Mailer: git-send-email 2.38.0 In-Reply-To: <20221019083249.951566199@linuxfoundation.org> References: <20221019083249.951566199@linuxfoundation.org> User-Agent: quilt/0.67 MIME-Version: 1.0 X-Spam-Status: No, score=-7.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747105290393314234?= X-GMAIL-MSGID: =?utf-8?q?1747105290393314234?= From: Matthias Kaehlcke commit aafc203bbad4bf6cf394a34ea698c2b0b8affae0 upstream. The doc for CONFIG_SECURITY_LOADPIN_VERITY says that the file with verity digests must contain a comma separated list of digests. That was the case at some stage of the development, but was changed during the review process to one digest per line. Update the Kconfig doc accordingly. Reported-by: Jae Hoon Kim Signed-off-by: Matthias Kaehlcke Fixes: 3f805f8cc23b ("LoadPin: Enable loading from trusted dm-verity devices") Cc: stable@vger.kernel.org Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20220829174557.1.I5d202d1344212a3800d9828f936df6511eb2d0d1@changeid Signed-off-by: Greg Kroah-Hartman --- security/loadpin/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/security/loadpin/Kconfig +++ b/security/loadpin/Kconfig @@ -33,4 +33,4 @@ config SECURITY_LOADPIN_VERITY on the LoadPin securityfs entry 'dm-verity'. The ioctl expects a file descriptor of a file with verity digests as parameter. The file must be located on the pinned root and - contain a comma separated list of digests. + contain one digest per line.