forked from Minki/linux
1d714057ef
All tristates selected by EVM(boolean) are forced to be builtin, except in the TCG_TPM(tristate) dependency case. Arnaud Lacombe summarizes the Kconfig bug as, "So it would seem direct dependency state influence the state of reverse dependencies.." For a detailed explanation, refer to Arnaud Lacombe's posting http://lkml.org/lkml/2011/8/23/498. With the "encrypted-keys: remove trusted-keys dependency" patch, EVM can now be built without a dependency on TCG_TPM. The trusted-keys dependency requires trusted-keys to either be builtin or not selected. This dependency will prevent the boolean/tristate mismatch from occuring. Reported-by: Stephen Rothwell <sfr@canb.auug.org.au>, Randy Dunlap <rdunlap@xenotimenet> Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
14 lines
345 B
Plaintext
14 lines
345 B
Plaintext
config EVM
|
|
boolean "EVM support"
|
|
depends on SECURITY && KEYS && (TRUSTED_KEYS=y || TRUSTED_KEYS=n)
|
|
select CRYPTO_HMAC
|
|
select CRYPTO_MD5
|
|
select CRYPTO_SHA1
|
|
select ENCRYPTED_KEYS
|
|
default n
|
|
help
|
|
EVM protects a file's security extended attributes against
|
|
integrity attacks.
|
|
|
|
If you are unsure how to answer this question, answer N.
|