[PATCH 049/114] security: Kconfig: pedantic formatting

From: Enrico Weigelt, metux IT consult
Date: Mon Mar 11 2019 - 09:28:07 EST

Next message: Enrico Weigelt, metux IT consult: "[PATCH 042/114] drivers: tty: Kconfig: pedantic formatting"
Previous message: Administrador de cuenta: "Actualiza tu cuenta"
In reply to: Enrico Weigelt, metux IT consult: "[PATCH 055/114] drivers: crypto: Kconfig: pedantic formatting"
Next in thread: Enrico Weigelt, metux IT consult: "[PATCH 042/114] drivers: tty: Kconfig: pedantic formatting"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Formatting of Kconfig files doesn't look so pretty, so let the
Great White Handkerchief come around and clean it up.

Signed-off-by: Enrico Weigelt, metux IT consult <info@xxxxxxxxx>
---
security/apparmor/Kconfig | 22 +++++++++++-----------
security/integrity/Kconfig | 32 ++++++++++++++++----------------
security/integrity/evm/Kconfig | 10 +++++-----
3 files changed, 32 insertions(+), 32 deletions(-)

diff --git a/security/apparmor/Kconfig b/security/apparmor/Kconfig
index 3de21f4..d93810d 100644
--- a/security/apparmor/Kconfig
+++ b/security/apparmor/Kconfig
@@ -25,17 +25,17 @@ config SECURITY_APPARMOR_HASH
is available to userspace via the apparmor filesystem.

config SECURITY_APPARMOR_HASH_DEFAULT
- bool "Enable policy hash introspection by default"
- depends on SECURITY_APPARMOR_HASH
- default y
- help
- This option selects whether sha1 hashing of loaded policy
- is enabled by default. The generation of sha1 hashes for
- loaded policy provide system administrators a quick way
- to verify that policy in the kernel matches what is expected,
- however it can slow down policy load on some devices. In
- these cases policy hashing can be disabled by default and
- enabled only if needed.
+ bool "Enable policy hash introspection by default"
+ depends on SECURITY_APPARMOR_HASH
+ default y
+ help
+ This option selects whether sha1 hashing of loaded policy
+ is enabled by default. The generation of sha1 hashes for
+ loaded policy provide system administrators a quick way
+ to verify that policy in the kernel matches what is expected,
+ however it can slow down policy load on some devices. In
+ these cases policy hashing can be disabled by default and
+ enabled only if needed.

config SECURITY_APPARMOR_DEBUG
bool "Build AppArmor with debug code"
diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
index 2ea4ec9..690bc1d 100644
--- a/security/integrity/Kconfig
+++ b/security/integrity/Kconfig
@@ -33,10 +33,10 @@ config INTEGRITY_ASYMMETRIC_KEYS
bool "Enable asymmetric keys support"
depends on INTEGRITY_SIGNATURE
default n
- select ASYMMETRIC_KEY_TYPE
- select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
- select CRYPTO_RSA
- select X509_CERTIFICATE_PARSER
+ select ASYMMETRIC_KEY_TYPE
+ select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ select CRYPTO_RSA
+ select X509_CERTIFICATE_PARSER
help
This option enables digital signature verification using
asymmetric keys.
@@ -47,20 +47,20 @@ config INTEGRITY_TRUSTED_KEYRING
depends on INTEGRITY_ASYMMETRIC_KEYS
default y
help
- This option requires that all keys added to the .ima and
- .evm keyrings be signed by a key on the system trusted
- keyring.
+ This option requires that all keys added to the .ima and
+ .evm keyrings be signed by a key on the system trusted
+ keyring.

config INTEGRITY_PLATFORM_KEYRING
- bool "Provide keyring for platform/firmware trusted keys"
- depends on INTEGRITY_ASYMMETRIC_KEYS
- depends on SYSTEM_BLACKLIST_KEYRING
- depends on EFI
- help
- Provide a separate, distinct keyring for platform trusted keys, which
- the kernel automatically populates during initialization from values
- provided by the platform for verifying the kexec'ed kerned image
- and, possibly, the initramfs signature.
+ bool "Provide keyring for platform/firmware trusted keys"
+ depends on INTEGRITY_ASYMMETRIC_KEYS
+ depends on SYSTEM_BLACKLIST_KEYRING
+ depends on EFI
+ help
+ Provide a separate, distinct keyring for platform trusted keys, which
+ the kernel automatically populates during initialization from values
+ provided by the platform for verifying the kexec'ed kerned image
+ and, possibly, the initramfs signature.

config INTEGRITY_AUDIT
bool "Enables integrity auditing support "
diff --git a/security/integrity/evm/Kconfig b/security/integrity/evm/Kconfig
index 6022185..ab5d9ae 100644
--- a/security/integrity/evm/Kconfig
+++ b/security/integrity/evm/Kconfig
@@ -59,15 +59,15 @@ config EVM_LOAD_X509
depends on EVM && INTEGRITY_TRUSTED_KEYRING
default n
help
- Load an X509 certificate onto the '.evm' trusted keyring.
+ Load an X509 certificate onto the '.evm' trusted keyring.

- This option enables X509 certificate loading from the kernel
- onto the '.evm' trusted keyring. A public key can be used to
- verify EVM integrity starting from the 'init' process.
+ This option enables X509 certificate loading from the kernel
+ onto the '.evm' trusted keyring. A public key can be used to
+ verify EVM integrity starting from the 'init' process.

config EVM_X509_PATH
string "EVM X509 certificate path"
depends on EVM_LOAD_X509
default "/etc/keys/x509_evm.der"
help
- This option defines X509 certificate path.
+ This option defines X509 certificate path.
--
1.9.1

Next message: Enrico Weigelt, metux IT consult: "[PATCH 042/114] drivers: tty: Kconfig: pedantic formatting"
Previous message: Administrador de cuenta: "Actualiza tu cuenta"
In reply to: Enrico Weigelt, metux IT consult: "[PATCH 055/114] drivers: crypto: Kconfig: pedantic formatting"
Next in thread: Enrico Weigelt, metux IT consult: "[PATCH 042/114] drivers: tty: Kconfig: pedantic formatting"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]