From 4f83d5ea643af8892459d9852c88f3892201b864 Mon Sep 17 00:00:00 2001
From: Paul Gortmaker <paul.gortmaker@windriver.com>
Date: Sun, 9 Dec 2018 15:36:33 -0500
Subject: security: integrity: make ima_main explicitly non-modular

The Makefile/Kconfig entry controlling compilation of this code is:

obj-$(CONFIG_IMA) += ima.o
ima-y := ima_fs.o ima_queue.o ima_init.o ima_main.o ima_crypto.o ima_api.o \
         ima_policy.o ima_template.o ima_template_lib.o

security/integrity/ima/Kconfig:config IMA
security/integrity/ima/Kconfig- bool "Integrity Measurement Architecture(IMA)"

...meaning that it currently is not being built as a module by anyone.

Lets remove the couple traces of modular infrastructure use, so that
when reading the driver there is no doubt it is builtin-only.

We also delete the MODULE_LICENSE tag etc. since all that information
is already contained at the top of the file in the comments.

Cc: Mimi Zohar <zohar@linux.ibm.com>
Cc: Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
Cc: James Morris <jmorris@namei.org>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: linux-ima-devel@lists.sourceforge.net
Cc: linux-security-module@vger.kernel.org
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
---
 security/integrity/ima/ima_main.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

(limited to 'security/integrity/ima/ima_main.c')

diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 1b88d58e1325..adaf96932237 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -1,4 +1,6 @@
 /*
+ * Integrity Measurement Architecture
+ *
  * Copyright (C) 2005,2006,2007,2008 IBM Corporation
  *
  * Authors:
@@ -19,7 +21,7 @@
 
 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
 
-#include <linux/module.h>
+#include <linux/init.h>
 #include <linux/file.h>
 #include <linux/binfmts.h>
 #include <linux/mount.h>
@@ -560,6 +562,3 @@ static int __init init_ima(void)
 }
 
 late_initcall(init_ima);	/* Start IMA after the TPM is available */
-
-MODULE_DESCRIPTION("Integrity Measurement Architecture");
-MODULE_LICENSE("GPL");
-- 
cgit v1.2.3


From b49d564344f773d8afee982153c8493e5f2eaf38 Mon Sep 17 00:00:00 2001
From: Paul Gortmaker <paul.gortmaker@windriver.com>
Date: Fri, 14 Dec 2018 16:48:07 -0500
Subject: security: integrity: partial revert of make ima_main explicitly
 non-modular

In commit 4f83d5ea643a ("security: integrity: make ima_main explicitly
non-modular") I'd removed <linux/module.h> after assuming that the
function is_module_sig_enforced() was an LSM function and not a core
kernel module function.

Unfortunately the typical .config selections used in build testing
provide an implicit <linux/module.h> presence, and so normal/typical
build testing did not immediately reveal my incorrect assumption.

Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
Cc: James Morris <james.l.morris@oracle.com>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: linux-ima-devel@lists.sourceforge.net
Cc: linux-security-module@vger.kernel.org
Reported-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
---
 security/integrity/ima/ima_main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'security/integrity/ima/ima_main.c')

diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index adaf96932237..616a88f95b92 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -21,7 +21,7 @@
 
 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
 
-#include <linux/init.h>
+#include <linux/module.h>
 #include <linux/file.h>
 #include <linux/binfmts.h>
 #include <linux/mount.h>
-- 
cgit v1.2.3