integrity: eliminate unnecessary "Problem loading X.509 certificate" msg (!3944) · Merge requests · Red Hat / centos-stream / src / kernel / centos-stream-9

Coiby Xu requested to merge coxu/centos-stream-9:jira12346_no_126_error into main Mar 29, 2024

integrity: eliminate unnecessary "Problem loading X.509 certificate" msg

JIRA: https://issues.redhat.com/browse/RHEL-12346

Upstream Status: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

commit 85445b96429057d87446bcb24ec0cac9ea9c7fdf Author: Coiby Xu coxu@redhat.com Date: Tue Jan 9 08:24:28 2024 +0800

integrity: eliminate unnecessary "Problem loading X.509 certificate" msg

Currently when the kernel fails to add a cert to the .machine keyring,
it will throw an error immediately in the function integrity_add_key.

Since the kernel will try adding to the .platform keyring next or throw
an error (in the caller of integrity_add_key i.e. add_to_machine_keyring),
so there is no need to throw an error immediately in integrity_add_key.

Reported-by: itrymybest80@protonmail.com
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2239331
Fixes: d19967764ba8 ("integrity: Introduce a Linux keyring called machine")
Reviewed-by: Eric Snowberg <eric.snowberg@oracle.com>
Signed-off-by: Coiby Xu <coxu@redhat.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

Signed-off-by: Coiby Xu coxu@redhat.com

Admin message

integrity: eliminate unnecessary "Problem loading X.509 certificate" msg

Merge request reports