diff options
author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2011-08-28 08:57:11 -0400 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2011-09-14 15:24:49 -0400 |
commit | 1d714057ef8f6348eba7b28ace6d307513e57cef (patch) | |
tree | a848b86df6257b347b6929f9ad09666105996003 /security/integrity | |
parent | 982e617a313b57abee3bcfa53381c356d00fd64a (diff) |
evm: remove TCG_TPM dependency
All tristates selected by EVM(boolean) are forced to be builtin, except
in the TCG_TPM(tristate) dependency case. Arnaud Lacombe summarizes the
Kconfig bug as, "So it would seem direct dependency state influence the
state of reverse dependencies.." For a detailed explanation, refer to
Arnaud Lacombe's posting http://lkml.org/lkml/2011/8/23/498.
With the "encrypted-keys: remove trusted-keys dependency" patch, EVM
can now be built without a dependency on TCG_TPM. The trusted-keys
dependency requires trusted-keys to either be builtin or not selected.
This dependency will prevent the boolean/tristate mismatch from
occuring.
Reported-by: Stephen Rothwell <sfr@canb.auug.org.au>,
Randy Dunlap <rdunlap@xenotimenet>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Diffstat (limited to 'security/integrity')
-rw-r--r-- | security/integrity/evm/Kconfig | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/security/integrity/evm/Kconfig b/security/integrity/evm/Kconfig index 884617d4aad0..afbb59dd262d 100644 --- a/security/integrity/evm/Kconfig +++ b/security/integrity/evm/Kconfig | |||
@@ -1,11 +1,10 @@ | |||
1 | config EVM | 1 | config EVM |
2 | boolean "EVM support" | 2 | boolean "EVM support" |
3 | depends on SECURITY && KEYS && TCG_TPM | 3 | depends on SECURITY && KEYS && (TRUSTED_KEYS=y || TRUSTED_KEYS=n) |
4 | select CRYPTO_HMAC | 4 | select CRYPTO_HMAC |
5 | select CRYPTO_MD5 | 5 | select CRYPTO_MD5 |
6 | select CRYPTO_SHA1 | 6 | select CRYPTO_SHA1 |
7 | select ENCRYPTED_KEYS | 7 | select ENCRYPTED_KEYS |
8 | select TRUSTED_KEYS | ||
9 | default n | 8 | default n |
10 | help | 9 | help |
11 | EVM protects a file's security extended attributes against | 10 | EVM protects a file's security extended attributes against |