diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2021-05-01 15:32:18 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2021-05-01 15:32:18 -0700 |
commit | e6f0bf09f0669b3c2cd77fa906830123279a0a21 (patch) | |
tree | 57aed6ff25d40e31f129b934403c7fac7a8cc8c8 /certs/Kconfig | |
parent | 10a3efd0fee5e881b1866cf45950808575cb0f24 (diff) | |
parent | 781a5739489949fd0f32432a9da17f7ddbccf1cc (diff) | |
download | linux-e6f0bf09f0669b3c2cd77fa906830123279a0a21.tar.bz2 |
Merge tag 'integrity-v5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
Pull IMA updates from Mimi Zohar:
"In addition to loading the kernel module signing key onto the builtin
keyring, load it onto the IMA keyring as well.
Also six trivial changes and bug fixes"
* tag 'integrity-v5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
ima: ensure IMA_APPRAISE_MODSIG has necessary dependencies
ima: Fix fall-through warnings for Clang
integrity: Add declarations to init_once void arguments.
ima: Fix function name error in comment.
ima: enable loading of build time generated key on .ima keyring
ima: enable signing of modules with build time generated key
keys: cleanup build time module signing keys
ima: Fix the error code for restoring the PCR value
ima: without an IMA policy loaded, return quickly
Diffstat (limited to 'certs/Kconfig')
-rw-r--r-- | certs/Kconfig | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/certs/Kconfig b/certs/Kconfig index ab88d2a7f3c7..f4e61116f94e 100644 --- a/certs/Kconfig +++ b/certs/Kconfig @@ -4,7 +4,7 @@ menu "Certificates for signature checking" config MODULE_SIG_KEY string "File name or PKCS#11 URI of module signing key" default "certs/signing_key.pem" - depends on MODULE_SIG + depends on MODULE_SIG || (IMA_APPRAISE_MODSIG && MODULES) help Provide the file name of a private key/certificate in PEM format, or a PKCS#11 URI according to RFC7512. The file should contain, or |