[PATCH v12 04/11] integrity: Select CONFIG_KEYS instead of depending on it

[PATCH v12 00/11] Appended signatures support for IMA appraisal · Thiago Jung Bauermann <hidden> · 2019-06-28
[PATCH v12 02/11] PKCS#7: Refactor verify_pkcs7_signature() · Thiago Jung Bauermann <hidden> · 2019-06-28
[PATCH v12 04/11] integrity: Select CONFIG_KEYS instead of depending on it · Thiago Jung Bauermann <hidden> · 2019-06-28
[PATCH v12 01/11] MODSIGN: Export module signature definitions · Thiago Jung Bauermann <hidden> · 2019-06-28
Re: [PATCH v12 01/11] MODSIGN: Export module signature definitions · Jessica Yu <jeyu@kernel.org> · 2019-07-01
Re: [PATCH v12 01/11] MODSIGN: Export module signature definitions · Thiago Jung Bauermann <hidden> · 2019-07-04
Re: [PATCH v12 01/11] MODSIGN: Export module signature definitions · Philipp Rudo <hidden> · 2019-07-04
Re: [PATCH v12 01/11] MODSIGN: Export module signature definitions · Thiago Jung Bauermann <hidden> · 2019-07-04
Re: [PATCH v12 01/11] MODSIGN: Export module signature definitions · Philipp Rudo <hidden> · 2019-07-05
Re: [PATCH v12 01/11] MODSIGN: Export module signature definitions · Thiago Jung Bauermann <hidden> · 2019-07-23
Re: [PATCH v12 01/11] MODSIGN: Export module signature definitions · Philipp Rudo <hidden> · 2019-08-05
Re: [PATCH v12 01/11] MODSIGN: Export module signature definitions · Mimi Zohar <zohar@linux.ibm.com> · 2019-08-05
[PATCH v12 03/11] PKCS#7: Introduce pkcs7_get_digest() · Thiago Jung Bauermann <hidden> · 2019-06-28
[PATCH v12 08/11] ima: Collect modsig · Thiago Jung Bauermann <hidden> · 2019-06-28
[PATCH v12 10/11] ima: Store the measurement again when appraising a modsig · Thiago Jung Bauermann <hidden> · 2019-06-28
[PATCH v12 05/11] ima: Add modsig appraise_type option for module-style appended signatures · Thiago Jung Bauermann <hidden> · 2019-06-28
[PATCH v12 11/11] ima: Allow template= option for appraise rules as well · Thiago Jung Bauermann <hidden> · 2019-06-28
[PATCH v12 07/11] ima: Implement support for module-style appended signatures · Thiago Jung Bauermann <hidden> · 2019-06-28
[PATCH v12 09/11] ima: Define ima-modsig template · Thiago Jung Bauermann <hidden> · 2019-06-28
[PATCH v12 06/11] ima: Factor xattr_verify() out of ima_appraise_measurement() · Thiago Jung Bauermann <hidden> · 2019-06-28
Re: [PATCH v12 00/11] Appended signatures support for IMA appraisal · Mimi Zohar <zohar@linux.ibm.com> · 2019-07-01
Re: [PATCH v12 00/11] Appended signatures support for IMA appraisal · Thiago Jung Bauermann <hidden> · 2019-07-04
Re: [PATCH v12 00/11] Appended signatures support for IMA appraisal · Jordan Hand <hidden> · 2019-08-26
Re: [PATCH v12 00/11] Appended signatures support for IMA appraisal · Thiago Jung Bauermann <hidden> · 2019-08-27
Re: [PATCH v12 00/11] Appended signatures support for IMA appraisal · Mimi Zohar <zohar@linux.ibm.com> · 2019-08-28

STALE2469d

Revisions (6)

2018-05-23 v7 [diff vs current]
2018-11-16 v8 [diff vs current]
2018-12-13 v9 [diff vs current]
2019-04-18 v10 [diff vs current]
2019-06-11 v11 [diff vs current]
2019-06-28 v12 current

From: Thiago Jung Bauermann <hidden>
Date: 2019-06-28 02:20:17
Also in: keyrings, linux-crypto, linux-doc, linux-integrity, linuxppc-dev, lkml
Subsystem: extended verification module (evm), integrity measurement architecture (ima), security subsystem, the rest · Maintainers: Mimi Zohar, Roberto Sassu, Dmitry Kasatkin, Paul Moore, James Morris, "Serge E. Hallyn", Linus Torvalds

This avoids a dependency cycle in soon-to-be-introduced
CONFIG_IMA_APPRAISE_MODSIG: it will select CONFIG_MODULE_SIG_FORMAT
which in turn selects CONFIG_KEYS. Kconfig then complains that
CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.

Signed-off-by: Thiago Jung Bauermann <redacted>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
 security/integrity/Kconfig | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
index 3ba1168b1756..93d73902c571 100644
--- a/security/integrity/Kconfig
+++ b/security/integrity/Kconfig

@@ -17,8 +17,8 @@ if INTEGRITY
 
 config INTEGRITY_SIGNATURE
 	bool "Digital signature verification using multiple keyrings"
-	depends on KEYS
 	default n
+	select KEYS
 	select SIGNATURE
 	help
 	  This option enables digital signature verification support

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help