author: Linus Torvalds <torvalds@linux-foundation.org> 2021-05-01 15:32:18 -0700
committer: Linus Torvalds <torvalds@linux-foundation.org> 2021-05-01 15:32:18 -0700
commit: e6f0bf09f0669b3c2cd77fa906830123279a0a21
parent: 10a3efd0fee5e881b1866cf45950808575cb0f24
Commit Summary:
Diffstat:
1 file changed, 3 insertions, 3 deletions
diff --git a/init/Kconfig b/init/Kconfig
index 9acb7762e971..b71bf0cf5688 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -2182,7 +2182,7 @@ config MODULE_SIG_FORCE
config MODULE_SIG_ALL
bool "Automatically sign all modules"
default y
- depends on MODULE_SIG
+ depends on MODULE_SIG || IMA_APPRAISE_MODSIG
help
Sign all modules during make modules_install. Without this option,
modules must be signed manually, using the scripts/sign-file tool.
@@ -2192,7 +2192,7 @@ comment "Do not forget to sign required modules with scripts/sign-file"
choice
prompt "Which hash algorithm should modules be signed with?"
- depends on MODULE_SIG
+ depends on MODULE_SIG || IMA_APPRAISE_MODSIG
help
This determines which sort of hashing algorithm will be used during
signature generation. This algorithm _must_ be built into the kernel
@@ -2224,7 +2224,7 @@ endchoice
config MODULE_SIG_HASH
string
- depends on MODULE_SIG
+ depends on MODULE_SIG || IMA_APPRAISE_MODSIG
default "sha1" if MODULE_SIG_SHA1
default "sha224" if MODULE_SIG_SHA224
default "sha256" if MODULE_SIG_SHA256