diff options
| author | Nathan Chancellor <nathan@kernel.org> | 2026-03-25 18:19:15 -0700 |
|---|---|---|
| committer | Nathan Chancellor <nathan@kernel.org> | 2026-04-16 14:21:10 -0700 |
| commit | 4f96b7c68a9904e01049ef610d701b382dca9574 (patch) | |
| tree | 0a08b4ea4d77633047c4a90112a913d9bbc35a5b /include/linux | |
| parent | 028ef9c96e96197026887c0f092424679298aae8 (diff) | |
extract-cert: Wrap key_pass with '#ifdef USE_PKCS11_ENGINE'
A recent strengthening of -Wunused-but-set-variable (enabled with -Wall)
in clang under a new subwarning, -Wunused-but-set-global, points out an
unused static global variable in certs/extract-cert.c:
certs/extract-cert.c:46:20: error: variable 'key_pass' set but not used [-Werror,-Wunused-but-set-global]
46 | static const char *key_pass;
| ^
After commit 558bdc45dfb2 ("sign-file,extract-cert: use pkcs11 provider
for OPENSSL MAJOR >= 3"), key_pass is only used with the OpenSSL engine
API, not the new provider API. Wrap key_pass's declaration and
assignment with '#ifdef USE_PKCS11_ENGINE' so that it is only included
with its use to clear up the warning. While this is a little uglier than
just marking key_pass with the unused attribute, this will make it
easier to clean up all code associated with the use of the engine API if
it were ever removed in the future. While in the area, use a tab for
the key_pass assignment line to match the rest of the file.
Cc: stable@vger.kernel.org
Fixes: 558bdc45dfb2 ("sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3")
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Link: https://patch.msgid.link/20260325-certs-extract-cert-key_pass-unused-but-set-global-v1-1-ecf94326d532@kernel.org
Signed-off-by: Nathan Chancellor <nathan@kernel.org>
Diffstat (limited to 'include/linux')
0 files changed, 0 insertions, 0 deletions