The newly added EVM_LOAD_X509 code can be configured even if
CONFIG_EVM is disabled, but that causes a link error:
security/built-in.o: In function `integrity_load_keys':
digsig_asymmetric.c:(.init.text+0x400): undefined reference to `evm_load_x509'
This adds a Kconfig dependency to ensure it is only enabled when
CONFIG_EVM is set as well.
Signed-off-by: Arnd Bergmann <a...@arndb.de>
Fixes: 7f753c992343 ("evm: load x509 certificate from the kernel")
---
Found on yesterday's linux-next with ARM randconfig builds
diff --git a/security/integrity/evm/Kconfig b/security/integrity/evm/Kconfig
index b1433e9cd8cb..87e83adf4c6e 100644
--- a/security/integrity/evm/Kconfig
+++ b/security/integrity/evm/Kconfig
@@ -44,7 +44,7 @@ config EVM_EXTRA_SMACK_XATTRS
config EVM_LOAD_X509
bool "Load X509 certificate to the '.evm' trusted keyring"
- depends on INTEGRITY_TRUSTED_KEYRING
+ depends on EVM && INTEGRITY_TRUSTED_KEYRING
default n
help
Load X509 certificate to the '.evm' trusted keyring.
--
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
