On Tue, 23 Jan 2018, Denis Kenzior wrote:
On 01/23/2018 03:02 PM, Mat Martineau wrote:
> The Diffie-Hellman, keyring restrictions, and key crypto parts of the
> l_key API depend on kernel features that were added relatively
> recently. While the affected l_key calls fail gracefully when the kernel
> doesn't implement the required feature, they do not fail in a way that
> allows unit tests to differentiate between library bugs and kernel
> support. l_key_is_supported() is a private API to check for kernel
> ell/key-private.h | 27 +++++++++++++++++++++++++++
> ell/key.c | 31 +++++++++++++++++++++++++++++++
> 2 files changed, 58 insertions(+)
> create mode 100644 ell/key-private.h
All applied, thanks!
I tested these changes out on various kernels going back to 4.2, and the
keyctl feature detection worked fine.
I did run in to some glitches with test-pem and test-cipher on some old
kernels. test-pem needs L_CIPHER_DES_CBC for encrypted certs, and
test-cipher fails because AEAD ciphers had a bogus recv() return value
before v4.9 (see kernel commit 0c1e16cd1e).