Re: [PATCH v7 2/5] IMA: Define an IMA hook to measure keys

From: Lakshmi Ramasubramanian
Date: Thu Nov 14 2019 - 13:30:44 EST

Next message: Sean Christopherson: "Re: [PATCH v2 06/16] x86/cpu: Clear VMX feature flag if VMX is not fully enabled"
Previous message: Steven Rostedt: "Re: [PATCH 03/10] ftrace: Add register_ftrace_direct()"
In reply to: Lakshmi Ramasubramanian: "[PATCH v7 2/5] IMA: Define an IMA hook to measure keys"
Next in thread: Lakshmi Ramasubramanian: "[PATCH v7 3/5] KEYS: Call the IMA hook to measure keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 11/13/19 7:11 PM, Lakshmi Ramasubramanian wrote:

The IMA hook is defined in a new file namely ima_asymmetric_keys.c
which is built only if CONFIG_KEYS is enabled.

I think instead of CONFIG_KEYS I should use CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE for ima_asymmetric_keys.c since this config is enabled only when both CONFIG_ASYMMETRIC_KEY_TYPE and CONFIG_KEYS are enabled.

Please see below taken from "crypto/asymmetric_keys/Kconfig"

# SPDX-License-Identifier: GPL-2.0
menuconfig ASYMMETRIC_KEY_TYPE
bool "Asymmetric (public-key cryptographic) key type"
depends on KEYS
help
This option provides support for a key type that holds the data for
the asymmetric keys used for public key cryptographic operations such
as encryption, decryption, signature generation and signature
verification.

if ASYMMETRIC_KEY_TYPE

config ASYMMETRIC_PUBLIC_KEY_SUBTYPE
tristate "Asymmetric public-key crypto algorithm subtype"

endif # ASYMMETRIC_KEY_TYPE

thanks,
-lakshmi

Next message: Sean Christopherson: "Re: [PATCH v2 06/16] x86/cpu: Clear VMX feature flag if VMX is not fully enabled"
Previous message: Steven Rostedt: "Re: [PATCH 03/10] ftrace: Add register_ftrace_direct()"
In reply to: Lakshmi Ramasubramanian: "[PATCH v7 2/5] IMA: Define an IMA hook to measure keys"
Next in thread: Lakshmi Ramasubramanian: "[PATCH v7 3/5] KEYS: Call the IMA hook to measure keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]