evm: EVM_LOAD_X509 depends on EVM
authorArnd Bergmann <arnd@arndb.de>
Fri, 27 Nov 2015 13:52:33 +0000 (14:52 +0100)
committerMimi Zohar <zohar@linux.vnet.ibm.com>
Tue, 15 Dec 2015 14:57:21 +0000 (09:57 -0500)
The newly added EVM_LOAD_X509 code can be configured even if
CONFIG_EVM is disabled, but that causes a link error:

security/built-in.o: In function `integrity_load_keys':
digsig_asymmetric.c:(.init.text+0x400): undefined reference to `evm_load_x509'

This adds a Kconfig dependency to ensure it is only enabled when
CONFIG_EVM is set as well.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Fixes: 2ce523eb8976 ("evm: load x509 certificate from the kernel")
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
security/integrity/evm/Kconfig

index 913532c5db4fb605babfa7f35509c4113e6e4d88..e825e0ae78e72fdd548a0f10de2f865d84e41543 100644 (file)
@@ -44,7 +44,7 @@ config EVM_EXTRA_SMACK_XATTRS
 
 config EVM_LOAD_X509
        bool "Load an X509 certificate onto the '.evm' trusted keyring"
-       depends on INTEGRITY_TRUSTED_KEYRING
+       depends on EVM && INTEGRITY_TRUSTED_KEYRING
        default n
        help
           Load an X509 certificate onto the '.evm' trusted keyring.