On Fri, 2014-02-28 at 16:59 +0200, Dmitry Kasatkin wrote: > If keys are not enabled, EVM is not visible in the configuration menu. > It may be difficult to figure out what to do unless you really know. > > Other subsystems as NFS, CIFS select keys automatically. > This patch does the same. > > Signed-off-by: Dmitry Kasatkin <d.kasat...@samsung.com> > --- > security/integrity/evm/Kconfig | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > diff --git a/security/integrity/evm/Kconfig b/security/integrity/evm/Kconfig > index 5aa9103..d35b491 100644 > --- a/security/integrity/evm/Kconfig > +++ b/security/integrity/evm/Kconfig > @@ -1,9 +1,10 @@ > config EVM > boolean "EVM support" > - depends on SECURITY && KEYS && (TRUSTED_KEYS=y || TRUSTED_KEYS=n)
Including KEYS is fine, but the trusted-keys dependency is still required. If trusted-keys is enabled, then the TPM and trusted-keys must be builtin. Mimi > + depends on SECURITY > + select KEYS > + select ENCRYPTED_KEYS > select CRYPTO_HMAC > select CRYPTO_SHA1 > - select ENCRYPTED_KEYS > default n > help > EVM protects a file's security extended attributes against -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/