diff options
author | David Howells <dhowells@redhat.com> | 2016-04-06 17:14:26 +0200 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2016-04-11 23:43:24 +0200 |
commit | 99716b7cae8263e1c7e7c1987e95d8f67071ab3e (patch) | |
tree | f1d551d31bd36b6e3594664c95183af544984c1d | |
parent | X.509: Move the trust validation code out to its own file (diff) | |
download | linux-99716b7cae8263e1c7e7c1987e95d8f67071ab3e.tar.xz linux-99716b7cae8263e1c7e7c1987e95d8f67071ab3e.zip |
KEYS: Make the system trusted keyring depend on the asymmetric key type
Make the system trusted keyring depend on the asymmetric key type as
there's not a lot of point having it if you can't then load asymmetric keys
onto it.
This requires the ASYMMETRIC_KEY_TYPE to be made a bool, not a tristate, as
the Kconfig language doesn't then correctly force ASYMMETRIC_KEY_TYPE to
'y' rather than 'm' if SYSTEM_TRUSTED_KEYRING is 'y'.
Making SYSTEM_TRUSTED_KEYRING *select* ASYMMETRIC_KEY_TYPE instead doesn't
work as the Kconfig interpreter then wrongly complains about dependency
loops.
Signed-off-by: David Howells <dhowells@redhat.com>
-rw-r--r-- | certs/Kconfig | 1 | ||||
-rw-r--r-- | crypto/asymmetric_keys/Kconfig | 2 |
2 files changed, 2 insertions, 1 deletions
diff --git a/certs/Kconfig b/certs/Kconfig index f0f8a4433685..743d480f5f6f 100644 --- a/certs/Kconfig +++ b/certs/Kconfig @@ -17,6 +17,7 @@ config MODULE_SIG_KEY config SYSTEM_TRUSTED_KEYRING bool "Provide system-wide ring of trusted keys" depends on KEYS + depends on ASYMMETRIC_KEY_TYPE help Provide a system keyring to which trusted keys can be added. Keys in the keyring are considered to be trusted. Keys may be added at will diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig index f7d2ef9789d8..e28e912000a7 100644 --- a/crypto/asymmetric_keys/Kconfig +++ b/crypto/asymmetric_keys/Kconfig @@ -1,5 +1,5 @@ menuconfig ASYMMETRIC_KEY_TYPE - tristate "Asymmetric (public-key cryptographic) key type" + bool "Asymmetric (public-key cryptographic) key type" depends on KEYS help This option provides support for a key type that holds the data for |