summaryrefslogtreecommitdiff
path: root/security/integrity/ima/Kconfig
diff options
context:
space:
mode:
Diffstat (limited to 'security/integrity/ima/Kconfig')
-rw-r--r--security/integrity/ima/Kconfig5
1 files changed, 4 insertions, 1 deletions
diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
index 648a0461f8ed..aac1be1948f0 100644
--- a/security/integrity/ima/Kconfig
+++ b/security/integrity/ima/Kconfig
@@ -124,14 +124,17 @@ config IMA_APPRAISE
If unsure, say N.
config IMA_TRUSTED_KEYRING
- bool "Require all keys on the .ima keyring be signed"
+ bool "Require all keys on the .ima keyring be signed (deprecated)"
depends on IMA_APPRAISE && SYSTEM_TRUSTED_KEYRING
depends on INTEGRITY_ASYMMETRIC_KEYS
+ select INTEGRITY_TRUSTED_KEYRING
default y
help
This option requires that all keys added to the .ima
keyring be signed by a key on the system trusted keyring.
+ This option is deprecated in favor of INTEGRITY_TRUSTED_KEYRING
+
config IMA_LOAD_X509
bool "Load X509 certificate onto the '.ima' trusted keyring"
depends on IMA_TRUSTED_KEYRING
generated by cgit v1.2.3 (git 2.0.4) at 2024-06-02 13:28:02 +0000