On Tue, Jan 13, 2026 at 01:28:46PM +0100, Thomas Weißschuh wrote: > When CONFIG_MODULE_SIG is disabled set_module_sig_enforced() is defined > as an empty stub, so the check is unnecessary. > The specific configuration option for set_module_sig_enforced() is > about to change and removing the check avoids some later churn. > > Signed-off-by: Thomas Weißschuh <[email protected]> > --- > arch/powerpc/kernel/ima_arch.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/arch/powerpc/kernel/ima_arch.c b/arch/powerpc/kernel/ima_arch.c > index b7029beed847..690263bf4265 100644 > --- a/arch/powerpc/kernel/ima_arch.c > +++ b/arch/powerpc/kernel/ima_arch.c > @@ -63,8 +63,7 @@ static const char *const secure_and_trusted_rules[] = { > const char *const *arch_get_ima_policy(void) > { > if (is_ppc_secureboot_enabled()) { > - if (IS_ENABLED(CONFIG_MODULE_SIG)) > - set_module_sig_enforced(); > + set_module_sig_enforced(); > > if (is_ppc_trustedboot_enabled()) > return secure_and_trusted_rules; > > -- > 2.52.0 >
Reviewed-by: Aaron Tomlin <[email protected]> -- Aaron Tomlin
signature.asc
Description: PGP signature
