From: Thiago Jung Bauermann <bauerman@linux.ibm.com>
To: linux-integrity@vger.kernel.org
Cc: linux-security-module@vger.kernel.org, keyrings@vger.kernel.org,
linux-crypto@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
Mimi Zohar <zohar@linux.ibm.com>,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
James Morris <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
David Howells <dhowells@redhat.com>,
David Woodhouse <dwmw2@infradead.org>,
Jessica Yu <jeyu@kernel.org>,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
Jonathan Corbet <corbet@lwn.net>,
"AKASHI, Takahiro" <takahiro.akashi@linaro.org>,
Thiago Jung Bauermann <bauerman@linux.ibm.com>
Subject: [PATCH v12 04/11] integrity: Select CONFIG_KEYS instead of depending on it
Date: Fri, 28 Jun 2019 02:19:27 +0000 [thread overview]
Message-ID: <20190628021934.4260-5-bauerman@linux.ibm.com> (raw)
In-Reply-To: <20190628021934.4260-1-bauerman@linux.ibm.com>
This avoids a dependency cycle in soon-to-be-introduced
CONFIG_IMA_APPRAISE_MODSIG: it will select CONFIG_MODULE_SIG_FORMAT
which in turn selects CONFIG_KEYS. Kconfig then complains that
CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.
Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
security/integrity/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
index 3ba1168b1756..93d73902c571 100644
--- a/security/integrity/Kconfig
+++ b/security/integrity/Kconfig
@@ -17,8 +17,8 @@ if INTEGRITY
config INTEGRITY_SIGNATURE
bool "Digital signature verification using multiple keyrings"
- depends on KEYS
default n
+ select KEYS
select SIGNATURE
help
This option enables digital signature verification support
WARNING: multiple messages have this Message-ID (diff)
From: Thiago Jung Bauermann <bauerman@linux.ibm.com>
To: linux-integrity@vger.kernel.org
Cc: linux-security-module@vger.kernel.org, keyrings@vger.kernel.org,
linux-crypto@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
Mimi Zohar <zohar@linux.ibm.com>,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
James Morris <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
David Howells <dhowells@redhat.com>,
David Woodhouse <dwmw2@infradead.org>,
Jessica Yu <jeyu@kernel.org>,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
Jonathan Corbet <corbet@lwn.net>,
"AKASHI, Takahiro" <takahiro.akashi@linaro.org>,
Thiago Jung Bauermann <bauerman@linux.ibm.com>
Subject: [PATCH v12 04/11] integrity: Select CONFIG_KEYS instead of depending on it
Date: Thu, 27 Jun 2019 23:19:27 -0300 [thread overview]
Message-ID: <20190628021934.4260-5-bauerman@linux.ibm.com> (raw)
In-Reply-To: <20190628021934.4260-1-bauerman@linux.ibm.com>
This avoids a dependency cycle in soon-to-be-introduced
CONFIG_IMA_APPRAISE_MODSIG: it will select CONFIG_MODULE_SIG_FORMAT
which in turn selects CONFIG_KEYS. Kconfig then complains that
CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.
Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
security/integrity/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
index 3ba1168b1756..93d73902c571 100644
--- a/security/integrity/Kconfig
+++ b/security/integrity/Kconfig
@@ -17,8 +17,8 @@ if INTEGRITY
config INTEGRITY_SIGNATURE
bool "Digital signature verification using multiple keyrings"
- depends on KEYS
default n
+ select KEYS
select SIGNATURE
help
This option enables digital signature verification support
WARNING: multiple messages have this Message-ID (diff)
From: Thiago Jung Bauermann <bauerman@linux.ibm.com>
To: linux-integrity@vger.kernel.org
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
linux-doc@vger.kernel.org,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
"David S. Miller" <davem@davemloft.net>,
Jonathan Corbet <corbet@lwn.net>,
linux-kernel@vger.kernel.org, Mimi Zohar <zohar@linux.ibm.com>,
James Morris <jmorris@namei.org>,
David Howells <dhowells@redhat.com>,
"AKASHI, Takahiro" <takahiro.akashi@linaro.org>,
linux-security-module@vger.kernel.org, keyrings@vger.kernel.org,
linux-crypto@vger.kernel.org, Jessica Yu <jeyu@kernel.org>,
linuxppc-dev@lists.ozlabs.org,
David Woodhouse <dwmw2@infradead.org>,
Thiago Jung Bauermann <bauerman@linux.ibm.com>,
"Serge E. Hallyn" <serge@hallyn.com>
Subject: [PATCH v12 04/11] integrity: Select CONFIG_KEYS instead of depending on it
Date: Thu, 27 Jun 2019 23:19:27 -0300 [thread overview]
Message-ID: <20190628021934.4260-5-bauerman@linux.ibm.com> (raw)
In-Reply-To: <20190628021934.4260-1-bauerman@linux.ibm.com>
This avoids a dependency cycle in soon-to-be-introduced
CONFIG_IMA_APPRAISE_MODSIG: it will select CONFIG_MODULE_SIG_FORMAT
which in turn selects CONFIG_KEYS. Kconfig then complains that
CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.
Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
security/integrity/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
index 3ba1168b1756..93d73902c571 100644
--- a/security/integrity/Kconfig
+++ b/security/integrity/Kconfig
@@ -17,8 +17,8 @@ if INTEGRITY
config INTEGRITY_SIGNATURE
bool "Digital signature verification using multiple keyrings"
- depends on KEYS
default n
+ select KEYS
select SIGNATURE
help
This option enables digital signature verification support
next prev parent reply other threads:[~2019-06-28 2:19 UTC|newest]
Thread overview: 81+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-28 2:19 [PATCH v12 00/11] Appended signatures support for IMA appraisal Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` [PATCH v12 01/11] MODSIGN: Export module signature definitions Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-07-01 14:47 ` Jessica Yu
2019-07-01 14:47 ` Jessica Yu
2019-07-01 14:47 ` Jessica Yu
2019-07-04 6:42 ` Thiago Jung Bauermann
2019-07-04 6:42 ` Thiago Jung Bauermann
2019-07-04 6:42 ` Thiago Jung Bauermann
2019-07-04 6:42 ` Thiago Jung Bauermann
2019-07-04 10:54 ` Philipp Rudo
2019-07-04 10:54 ` Philipp Rudo
2019-07-04 10:54 ` Philipp Rudo
2019-07-04 10:54 ` Philipp Rudo
2019-07-04 18:57 ` Thiago Jung Bauermann
2019-07-04 18:57 ` Thiago Jung Bauermann
2019-07-04 18:57 ` Thiago Jung Bauermann
2019-07-04 18:57 ` Thiago Jung Bauermann
2019-07-05 13:00 ` Philipp Rudo
2019-07-05 13:00 ` Philipp Rudo
2019-07-05 13:00 ` Philipp Rudo
2019-07-05 13:00 ` Philipp Rudo
2019-07-23 22:39 ` Thiago Jung Bauermann
2019-07-23 22:39 ` Thiago Jung Bauermann
2019-07-23 22:39 ` Thiago Jung Bauermann
2019-07-23 22:39 ` Thiago Jung Bauermann
2019-08-05 13:11 ` Philipp Rudo
2019-08-05 13:11 ` Philipp Rudo
2019-08-05 13:11 ` Philipp Rudo
2019-08-05 13:11 ` Philipp Rudo
2019-08-05 14:25 ` Mimi Zohar
2019-08-05 14:25 ` Mimi Zohar
2019-08-05 14:25 ` Mimi Zohar
2019-06-28 2:19 ` [PATCH v12 02/11] PKCS#7: Refactor verify_pkcs7_signature() Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` [PATCH v12 03/11] PKCS#7: Introduce pkcs7_get_digest() Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann [this message]
2019-06-28 2:19 ` [PATCH v12 04/11] integrity: Select CONFIG_KEYS instead of depending on it Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` [PATCH v12 05/11] ima: Add modsig appraise_type option for module-style appended signatures Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` [PATCH v12 06/11] ima: Factor xattr_verify() out of ima_appraise_measurement() Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` [PATCH v12 07/11] ima: Implement support for module-style appended signatures Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` [PATCH v12 08/11] ima: Collect modsig Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` [PATCH v12 09/11] ima: Define ima-modsig template Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` [PATCH v12 10/11] ima: Store the measurement again when appraising a modsig Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` [PATCH v12 11/11] ima: Allow template= option for appraise rules as well Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-06-28 2:19 ` Thiago Jung Bauermann
2019-07-01 14:38 ` [PATCH v12 00/11] Appended signatures support for IMA appraisal Mimi Zohar
2019-07-01 14:38 ` Mimi Zohar
2019-07-01 14:38 ` Mimi Zohar
2019-07-04 6:45 ` Thiago Jung Bauermann
2019-07-04 6:45 ` Thiago Jung Bauermann
2019-07-04 6:45 ` Thiago Jung Bauermann
2019-08-26 22:46 ` Jordan Hand
2019-08-26 22:46 ` Jordan Hand
2019-08-26 22:46 ` Jordan Hand
2019-08-27 1:04 ` Thiago Jung Bauermann
2019-08-27 1:04 ` Thiago Jung Bauermann
2019-08-27 1:04 ` Thiago Jung Bauermann
2019-08-28 13:43 ` Mimi Zohar
2019-08-28 13:43 ` Mimi Zohar
2019-08-28 13:43 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190628021934.4260-5-bauerman@linux.ibm.com \
--to=bauerman@linux.ibm.com \
--cc=corbet@lwn.net \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=dmitry.kasatkin@gmail.com \
--cc=dwmw2@infradead.org \
--cc=herbert@gondor.apana.org.au \
--cc=jeyu@kernel.org \
--cc=jmorris@namei.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=serge@hallyn.com \
--cc=takahiro.akashi@linaro.org \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.