From: Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>
To: linux-security-module@vger.kernel.org
Cc: linux-ima-devel@lists.sourceforge.net, keyrings@vger.kernel.org,
linux-crypto@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
linux-kernel@vger.kernel.org,
Mimi Zohar <zohar@linux.vnet.ibm.com>,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
James Morris <james.l.morris@oracle.com>,
"Serge E. Hallyn" <serge@hallyn.com>,
David Howells <dhowells@redhat.com>,
David Woodhouse <dwmw2@infradead.org>,
Jessica Yu <jeyu@redhat.com>,
Rusty Russell <rusty@rustcorp.com.au>,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
"AKASHI, Takahiro" <takahiro.akashi@linaro.org>,
Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>
Subject: [PATCH v3 5/7] integrity: Select CONFIG_KEYS instead of depending on it
Date: Thu, 6 Jul 2017 19:17:51 -0300 [thread overview]
Message-ID: <20170706221753.17380-6-bauerman@linux.vnet.ibm.com> (raw)
In-Reply-To: <20170706221753.17380-1-bauerman@linux.vnet.ibm.com>
This avoids a dependency cycle in CONFIG_IMA_APPRAISE_MODSIG (introduced by
a later patch in this series): it will select CONFIG_MODULE_SIG_FORMAT
which in turn selects CONFIG_KEYS. Kconfig then complains that
CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.
Signed-off-by: Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>
---
security/integrity/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
index da9565891738..0d642e0317c7 100644
--- a/security/integrity/Kconfig
+++ b/security/integrity/Kconfig
@@ -17,8 +17,8 @@ if INTEGRITY
config INTEGRITY_SIGNATURE
bool "Digital signature verification using multiple keyrings"
- depends on KEYS
default n
+ select KEYS
select SIGNATURE
help
This option enables digital signature verification support
--
2.13.0
WARNING: multiple messages have this Message-ID (diff)
From: Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>
To: linux-security-module@vger.kernel.org
Cc: linux-ima-devel@lists.sourceforge.net, keyrings@vger.kernel.org,
linux-crypto@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
linux-kernel@vger.kernel.org,
Mimi Zohar <zohar@linux.vnet.ibm.com>,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
James Morris <james.l.morris@oracle.com>,
"Serge E. Hallyn" <serge@hallyn.com>,
David Howells <dhowells@redhat.com>,
David Woodhouse <dwmw2@infradead.org>,
Jessica Yu <jeyu@redhat.com>,
Rusty Russell <rusty@rustcorp.com.au>,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
"AKASHI, Takahiro" <takahiro.akashi@linaro.org>,
Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>
Subject: [PATCH v3 5/7] integrity: Select CONFIG_KEYS instead of depending on it
Date: Thu, 06 Jul 2017 22:17:51 +0000 [thread overview]
Message-ID: <20170706221753.17380-6-bauerman@linux.vnet.ibm.com> (raw)
In-Reply-To: <20170706221753.17380-1-bauerman@linux.vnet.ibm.com>
This avoids a dependency cycle in CONFIG_IMA_APPRAISE_MODSIG (introduced by
a later patch in this series): it will select CONFIG_MODULE_SIG_FORMAT
which in turn selects CONFIG_KEYS. Kconfig then complains that
CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.
Signed-off-by: Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>
---
security/integrity/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
index da9565891738..0d642e0317c7 100644
--- a/security/integrity/Kconfig
+++ b/security/integrity/Kconfig
@@ -17,8 +17,8 @@ if INTEGRITY
config INTEGRITY_SIGNATURE
bool "Digital signature verification using multiple keyrings"
- depends on KEYS
default n
+ select KEYS
select SIGNATURE
help
This option enables digital signature verification support
--
2.13.0
WARNING: multiple messages have this Message-ID (diff)
From: bauerman@linux.vnet.ibm.com (Thiago Jung Bauermann)
To: linux-security-module@vger.kernel.org
Subject: [PATCH v3 5/7] integrity: Select CONFIG_KEYS instead of depending on it
Date: Thu, 6 Jul 2017 19:17:51 -0300 [thread overview]
Message-ID: <20170706221753.17380-6-bauerman@linux.vnet.ibm.com> (raw)
In-Reply-To: <20170706221753.17380-1-bauerman@linux.vnet.ibm.com>
This avoids a dependency cycle in CONFIG_IMA_APPRAISE_MODSIG (introduced by
a later patch in this series): it will select CONFIG_MODULE_SIG_FORMAT
which in turn selects CONFIG_KEYS. Kconfig then complains that
CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS.
Signed-off-by: Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>
---
security/integrity/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
index da9565891738..0d642e0317c7 100644
--- a/security/integrity/Kconfig
+++ b/security/integrity/Kconfig
@@ -17,8 +17,8 @@ if INTEGRITY
config INTEGRITY_SIGNATURE
bool "Digital signature verification using multiple keyrings"
- depends on KEYS
default n
+ select KEYS
select SIGNATURE
help
This option enables digital signature verification support
--
2.13.0
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2017-07-06 22:17 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-06 22:17 [PATCH v3 0/7] Appended signatures support for IMA appraisal Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann
2017-07-06 22:17 ` [PATCH v3 1/7] integrity: Introduce struct evm_hmac_xattr Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann
2017-07-28 12:39 ` Mimi Zohar
2017-07-28 12:39 ` Mimi Zohar
2017-07-28 12:39 ` Mimi Zohar
2017-08-02 17:17 ` Thiago Jung Bauermann
2017-08-02 17:17 ` Thiago Jung Bauermann
2017-08-02 17:17 ` Thiago Jung Bauermann
2017-07-06 22:17 ` [PATCH v3 2/7] MODSIGN: Export module signature definitions Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann
2017-07-06 22:17 ` [PATCH v3 3/7] PKCS#7: Introduce verify_pkcs7_message_sig Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann
2017-07-06 22:17 ` [PATCH v3 4/7] integrity: Introduce integrity_keyring_from_id Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann [this message]
2017-07-06 22:17 ` [PATCH v3 5/7] integrity: Select CONFIG_KEYS instead of depending on it Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann
2017-07-06 22:17 ` [PATCH v3 6/7] ima: Store measurement after appraisal Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann
2017-07-06 22:17 ` [PATCH v3 7/7] ima: Support module-style appended signatures for appraisal Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann
2017-07-06 22:17 ` Thiago Jung Bauermann
2017-07-30 14:29 ` Mimi Zohar
2017-07-30 14:29 ` Mimi Zohar
2017-07-30 14:29 ` Mimi Zohar
2017-08-02 17:42 ` Thiago Jung Bauermann
2017-08-02 17:42 ` Thiago Jung Bauermann
2017-08-02 17:42 ` Thiago Jung Bauermann
2017-08-02 22:52 ` Mimi Zohar
2017-08-02 22:52 ` Mimi Zohar
2017-08-02 22:52 ` Mimi Zohar
2017-08-03 14:37 ` Mimi Zohar
2017-08-03 14:37 ` Mimi Zohar
2017-08-03 14:37 ` Mimi Zohar
2017-08-03 21:01 ` Thiago Jung Bauermann
2017-08-03 21:01 ` Thiago Jung Bauermann
2017-08-03 21:01 ` Thiago Jung Bauermann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170706221753.17380-6-bauerman@linux.vnet.ibm.com \
--to=bauerman@linux.vnet.ibm.com \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=dmitry.kasatkin@gmail.com \
--cc=dwmw2@infradead.org \
--cc=herbert@gondor.apana.org.au \
--cc=james.l.morris@oracle.com \
--cc=jeyu@redhat.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-ima-devel@lists.sourceforge.net \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=rusty@rustcorp.com.au \
--cc=serge@hallyn.com \
--cc=takahiro.akashi@linaro.org \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.