The subject line is too long.  How about "IMA: fix measuring
asymmetric keys Kconfig"?

On Tue, 2020-01-07 at 16:36 -0800, Lakshmi Ramasubramanian wrote:

CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE is a tristate and not a bool.
If this config is set to "=m", ima_asymmetric_keys.c is built
as a kernel module when it is actually not.

Simplify the wording by removing the unnecessary "not a bool" and
"when it is actually not".

Defined a new config CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS that is
defined when CONFIG_IMA and CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
are defined.

How about using James wording - "intermediate boolean config
variable"?

Asymmetric key structure is defined only when
CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE is defined. Since the IMA hook
measures asymmetric keys, the IMA hook is defined in
ima_asymmetric_keys.c which is built only if
CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS is defined.

Signed-off-by: Lakshmi Ramasubramanian <redacted>

Please include a "Suggested-by:" tag for James.

thanks,

Mimi