korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-13 14:24:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

certs: move the 'depends on' to the choice of module signing keys

Browse Source 
When the condition "MODULE_SIG || (IMA_APPRAISE_MODSIG && MODULES)"
is unmet, you cannot choose anything in the choice, but the choice
menu is still displayed in the menuconfig etc.

Move the 'depends on' to the choice to hide the meaningless menu.

Also delete the redundant 'default'. In a choice, the first entry is
the default.

Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
This commit is contained in:
Masahiro Yamada 2021-10-01 13:01:26 +09:00
parent 4dc0759c56
commit be0d5fa7f0
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
certs/Kconfig
View File

@ -17,21 +17,19 @@ config MODULE_SIG_KEY
choice choice
prompt "Type of module signing key to be generated" prompt "Type of module signing key to be generated"
default MODULE_SIG_KEY_TYPE_RSA depends on MODULE_SIG || (IMA_APPRAISE_MODSIG && MODULES)
help help
The type of module signing key type to generate. This option The type of module signing key type to generate. This option
does not apply if a #PKCS11 URI is used. does not apply if a #PKCS11 URI is used.
config MODULE_SIG_KEY_TYPE_RSA config MODULE_SIG_KEY_TYPE_RSA
bool "RSA" bool "RSA"
depends on MODULE_SIG || (IMA_APPRAISE_MODSIG && MODULES)
help help
Use an RSA key for module signing. Use an RSA key for module signing.
config MODULE_SIG_KEY_TYPE_ECDSA config MODULE_SIG_KEY_TYPE_ECDSA
bool "ECDSA" bool "ECDSA"
select CRYPTO_ECDSA select CRYPTO_ECDSA
depends on MODULE_SIG || (IMA_APPRAISE_MODSIG && MODULES)
help help
Use an elliptic curve key (NIST P384) for module signing. Consider Use an elliptic curve key (NIST P384) for module signing. Consider
using a strong hash like sha256 or sha384 for hashing modules. using a strong hash like sha256 or sha384 for hashing modules.