summaryrefslogtreecommitdiffstats
path: root/arch/powerpc/kernel/Makefile
diff options
context:
space:
mode:
authorNayna Jain <nayna@linux.ibm.com>2019-10-30 23:31:27 -0400
committerMichael Ellerman <mpe@ellerman.id.au>2019-11-12 12:25:49 +1100
commit4238fad366a660cbc6499ca1ea4be42bd4d1ac5b (patch)
treeddfe3283dacee87a13c8191073b86d2b990c2a01 /arch/powerpc/kernel/Makefile
parent1a8916ee3ac29054322cdac687d36e1b5894d272 (diff)
downloadlinux-4238fad366a660cbc6499ca1ea4be42bd4d1ac5b.tar.bz2
powerpc/ima: Add support to initialize ima policy rules
PowerNV systems use a Linux-based bootloader, which rely on the IMA subsystem to enforce different secure boot modes. Since the verification policy may differ based on the secure boot mode of the system, the policies must be defined at runtime. This patch implements arch-specific support to define IMA policy rules based on the runtime secure boot mode of the system. This patch provides arch-specific IMA policies if PPC_SECURE_BOOT config is enabled. Signed-off-by: Nayna Jain <nayna@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/1572492694-6520-3-git-send-email-zohar@linux.ibm.com
Diffstat (limited to 'arch/powerpc/kernel/Makefile')
-rw-r--r--arch/powerpc/kernel/Makefile2
1 files changed, 1 insertions, 1 deletions
diff --git a/arch/powerpc/kernel/Makefile b/arch/powerpc/kernel/Makefile
index e2a54fa240ac..e8eb2955b7d5 100644
--- a/arch/powerpc/kernel/Makefile
+++ b/arch/powerpc/kernel/Makefile
@@ -161,7 +161,7 @@ ifneq ($(CONFIG_PPC_POWERNV)$(CONFIG_PPC_SVM),)
obj-y += ucall.o
endif
-obj-$(CONFIG_PPC_SECURE_BOOT) += secure_boot.o
+obj-$(CONFIG_PPC_SECURE_BOOT) += secure_boot.o ima_arch.o
# Disable GCOV, KCOV & sanitizers in odd or sensitive code
GCOV_PROFILE_prom_init.o := n