Re: [PATCH] ima: add a new CONFIG for loading arch-specific policies

From: Lakshmi Ramasubramanian
Date: Wed Feb 26 2020 - 14:21:02 EST

Next message: Uwe Kleine-König: "Re: (EXT) Re: [PATCH 1/4] pwm: pca9685: remove unused duty_cycle struct element"
Previous message: Waiman Long: "Re: [PATCH 00/11] fs/dcache: Limit # of negative dentries"
In reply to: Nayna Jain: "[PATCH] ima: add a new CONFIG for loading arch-specific policies"
Next in thread: Mimi Zohar: "Re: [PATCH] ima: add a new CONFIG for loading arch-specific policies"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Nayna,

+
+config IMA_SECURE_AND_OR_TRUSTED_BOOT
+ bool
+ depends on IMA
+ depends on IMA_ARCH_POLICY
+ default n
+ help
+ This option is selected by architectures to enable secure and/or
+ trusted boot based on IMA runtime policies.

Why is the default for this new config "n"?
Is there any reason to not turn on this config if both IMA and IMA_ARCH_POLICY are set to y?

thanks,
-lakshmi

Next message: Uwe Kleine-König: "Re: (EXT) Re: [PATCH 1/4] pwm: pca9685: remove unused duty_cycle struct element"
Previous message: Waiman Long: "Re: [PATCH 00/11] fs/dcache: Limit # of negative dentries"
In reply to: Nayna Jain: "[PATCH] ima: add a new CONFIG for loading arch-specific policies"
Next in thread: Mimi Zohar: "Re: [PATCH] ima: add a new CONFIG for loading arch-specific policies"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]