Re: [PATCH v2] certs: Add EFI_CERT_X509_GUID support for dbx entries

From: Randy Dunlap <hidden>
Date: 2020-09-09 17:40:50
Also in: keyrings, linux-crypto, lkml

On 9/9/20 10:27 AM, Eric Snowberg wrote:

quoted hunk ↗ jump to hunk

diff --git a/include/crypto/pkcs7.h b/include/crypto/pkcs7.h
index 38ec7f5f9041..d8f2e0fdfbf4 100644
--- a/include/crypto/pkcs7.h
+++ b/include/crypto/pkcs7.h

@@ -26,11 +26,19 @@ extern int pkcs7_get_content_data(const struct pkcs7_message *pkcs7,
 				  const void **_data, size_t *_datalen,
 				  size_t *_headerlen);
 
+#ifdef CONFIG_PKCS7_MESSAGE_PARSER
 /*
  * pkcs7_trust.c
  */
 extern int pkcs7_validate_trust(struct pkcs7_message *pkcs7,
 				struct key *trust_keyring);
+#else
+static inline int pkcs7_validate_trust(struct pkcs7_message *pkcs7,
+				       struct key *trust_keyring)
+{
+	return -ENOKEY;
+}
+#endif

Just to be clear, you want to do the #else block when
CONFIG_PKCS7_MESSAGE_PARSER=m.  Is that correct?

If so, it might be clearer to use

#if IS_BUILTIN(CONFIG_PKCS7_MESSAGE_PARSER)


-- 
~Randy

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help