From: Krzysztof Kozlowski <krzk@kernel.org>
To: linux-kernel@vger.kernel.org
Cc: Krzysztof Kozlowski <krzk@kernel.org>,
John Johansen <john.johansen@canonical.com>,
James Morris <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
Mimi Zohar <zohar@linux.ibm.com>,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
Micah Morton <mortonm@chromium.org>,
linux-security-module@vger.kernel.org,
linux-integrity@vger.kernel.org
Subject: [PATCH] security: Fix Kconfig indentation
Date: Wed, 20 Nov 2019 21:37:50 +0800 [thread overview]
Message-ID: <20191120133750.12519-1-krzk@kernel.org> (raw)
Adjust indentation from spaces to tab (+optional two spaces) as in
coding style with command like:
$ sed -e 's/^ /\t/' -i */Kconfig
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
---
security/apparmor/Kconfig | 2 +-
security/integrity/Kconfig | 24 ++++++++++++------------
security/integrity/ima/Kconfig | 12 ++++++------
security/safesetid/Kconfig | 24 ++++++++++++------------
4 files changed, 31 insertions(+), 31 deletions(-)
diff --git a/security/apparmor/Kconfig b/security/apparmor/Kconfig
index a422a349f926..1f0e712c5e50 100644
--- a/security/apparmor/Kconfig
+++ b/security/apparmor/Kconfig
@@ -32,7 +32,7 @@ config SECURITY_APPARMOR_HASH_DEFAULT
depends on SECURITY_APPARMOR_HASH
default y
help
- This option selects whether sha1 hashing of loaded policy
+ This option selects whether sha1 hashing of loaded policy
is enabled by default. The generation of sha1 hashes for
loaded policy provide system administrators a quick way
to verify that policy in the kernel matches what is expected,
diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
index 71f0177e8716..c92339445087 100644
--- a/security/integrity/Kconfig
+++ b/security/integrity/Kconfig
@@ -34,10 +34,10 @@ config INTEGRITY_ASYMMETRIC_KEYS
bool "Enable asymmetric keys support"
depends on INTEGRITY_SIGNATURE
default n
- select ASYMMETRIC_KEY_TYPE
- select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
- select CRYPTO_RSA
- select X509_CERTIFICATE_PARSER
+ select ASYMMETRIC_KEY_TYPE
+ select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ select CRYPTO_RSA
+ select X509_CERTIFICATE_PARSER
help
This option enables digital signature verification using
asymmetric keys.
@@ -53,14 +53,14 @@ config INTEGRITY_TRUSTED_KEYRING
keyring.
config INTEGRITY_PLATFORM_KEYRING
- bool "Provide keyring for platform/firmware trusted keys"
- depends on INTEGRITY_ASYMMETRIC_KEYS
- depends on SYSTEM_BLACKLIST_KEYRING
- help
- Provide a separate, distinct keyring for platform trusted keys, which
- the kernel automatically populates during initialization from values
- provided by the platform for verifying the kexec'ed kerned image
- and, possibly, the initramfs signature.
+ bool "Provide keyring for platform/firmware trusted keys"
+ depends on INTEGRITY_ASYMMETRIC_KEYS
+ depends on SYSTEM_BLACKLIST_KEYRING
+ help
+ Provide a separate, distinct keyring for platform trusted keys, which
+ the kernel automatically populates during initialization from values
+ provided by the platform for verifying the kexec'ed kerned image
+ and, possibly, the initramfs signature.
config LOAD_UEFI_KEYS
depends on INTEGRITY_PLATFORM_KEYRING
diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
index 838476d780e5..ec9259bd8115 100644
--- a/security/integrity/ima/Kconfig
+++ b/security/integrity/ima/Kconfig
@@ -159,13 +159,13 @@ config IMA_APPRAISE
If unsure, say N.
config IMA_ARCH_POLICY
- bool "Enable loading an IMA architecture specific policy"
- depends on (KEXEC_SIG && IMA) || IMA_APPRAISE \
+ bool "Enable loading an IMA architecture specific policy"
+ depends on (KEXEC_SIG && IMA) || IMA_APPRAISE \
&& INTEGRITY_ASYMMETRIC_KEYS
- default n
- help
- This option enables loading an IMA architecture specific policy
- based on run time secure boot flags.
+ default n
+ help
+ This option enables loading an IMA architecture specific policy
+ based on run time secure boot flags.
config IMA_APPRAISE_BUILD_POLICY
bool "IMA build time configured policy rules"
diff --git a/security/safesetid/Kconfig b/security/safesetid/Kconfig
index 18b5fb90417b..ab1a2c69b0b8 100644
--- a/security/safesetid/Kconfig
+++ b/security/safesetid/Kconfig
@@ -1,15 +1,15 @@
# SPDX-License-Identifier: GPL-2.0-only
config SECURITY_SAFESETID
- bool "Gate setid transitions to limit CAP_SET{U/G}ID capabilities"
- depends on SECURITY
- select SECURITYFS
- default n
- help
- SafeSetID is an LSM module that gates the setid family of syscalls to
- restrict UID/GID transitions from a given UID/GID to only those
- approved by a system-wide whitelist. These restrictions also prohibit
- the given UIDs/GIDs from obtaining auxiliary privileges associated
- with CAP_SET{U/G}ID, such as allowing a user to set up user namespace
- UID mappings.
+ bool "Gate setid transitions to limit CAP_SET{U/G}ID capabilities"
+ depends on SECURITY
+ select SECURITYFS
+ default n
+ help
+ SafeSetID is an LSM module that gates the setid family of syscalls to
+ restrict UID/GID transitions from a given UID/GID to only those
+ approved by a system-wide whitelist. These restrictions also prohibit
+ the given UIDs/GIDs from obtaining auxiliary privileges associated
+ with CAP_SET{U/G}ID, such as allowing a user to set up user namespace
+ UID mappings.
- If you are unsure how to answer this question, answer N.
+ If you are unsure how to answer this question, answer N.
--
2.17.1
reply other threads:[~2019-11-20 13:37 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191120133750.12519-1-krzk@kernel.org \
--to=krzk@kernel.org \
--cc=dmitry.kasatkin@gmail.com \
--cc=jmorris@namei.org \
--cc=john.johansen@canonical.com \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mortonm@chromium.org \
--cc=serge@hallyn.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).