From: Mimi Zohar Subject: Re: [PATCH v6 07/12] integrity: Select CONFIG_KEYS instead of depending on it Date: Wed, 21 Mar 2018 19:18:47 -0400 Message-ID: <1521674327.3848.221.camel@linux.vnet.ibm.com> References: <20180316203837.10174-1-bauerman@linux.vnet.ibm.com> <20180316203837.10174-8-bauerman@linux.vnet.ibm.com> Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit Cc: linux-security-module@vger.kernel.org, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org, Dmitry Kasatkin , James Morris , "Serge E. Hallyn" , David Howells , David Woodhouse , Jessica Yu , Herbert Xu , "David S. Miller" , "AKASHI, Takahiro" To: Thiago Jung Bauermann , linux-integrity@vger.kernel.org Return-path: In-Reply-To: <20180316203837.10174-8-bauerman@linux.vnet.ibm.com> Sender: linux-kernel-owner@vger.kernel.org List-Id: linux-crypto.vger.kernel.org On Fri, 2018-03-16 at 17:38 -0300, Thiago Jung Bauermann wrote: > This avoids a dependency cycle in CONFIG_IMA_APPRAISE_MODSIG (introduced by > a later patch in this series): it will select CONFIG_MODULE_SIG_FORMAT > which in turn selects CONFIG_KEYS. Kconfig then complains that > CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS. > > Signed-off-by: Thiago Jung Bauermann Signed-off-by: Mimi Zohar > --- > security/integrity/Kconfig | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig > index da9565891738..0d642e0317c7 100644 > --- a/security/integrity/Kconfig > +++ b/security/integrity/Kconfig > @@ -17,8 +17,8 @@ if INTEGRITY > > config INTEGRITY_SIGNATURE > bool "Digital signature verification using multiple keyrings" > - depends on KEYS > default n > + select KEYS > select SIGNATURE > help > This option enables digital signature verification support >