summaryrefslogtreecommitdiffstats
path: root/security/integrity
diff options
context:
space:
mode:
authorJiandi An <anjiandi@codeaurora.org>2018-03-07 06:26:26 +0100
committerMimi Zohar <zohar@linux.vnet.ibm.com>2018-03-25 13:24:31 +0200
commitfac37c628fd5d68fd7298d9b57ae8601ee1b4723 (patch)
tree5be5c186ee406bade20468f4738873c45d682040 /security/integrity
parentevm: Constify *integrity_status_msg[] (diff)
downloadlinux-fac37c628fd5d68fd7298d9b57ae8601ee1b4723.tar.xz
linux-fac37c628fd5d68fd7298d9b57ae8601ee1b4723.zip
ima: Fix Kconfig to select TPM 2.0 CRB interface
TPM_CRB driver provides TPM CRB 2.0 support. If it is built as a module, the TPM chip is registered after IMA init. tpm_pcr_read() in IMA fails and displays the following message even though eventually there is a TPM chip on the system. ima: No TPM chip found, activating TPM-bypass! (rc=-19) Fix IMA Kconfig to select TPM_CRB so TPM_CRB driver is built in the kernel and initializes before IMA. Signed-off-by: Jiandi An <anjiandi@codeaurora.org> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security/integrity')
-rw-r--r--security/integrity/ima/Kconfig1
1 files changed, 1 insertions, 0 deletions
diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
index 35ef69312811..6a8f67714c83 100644
--- a/security/integrity/ima/Kconfig
+++ b/security/integrity/ima/Kconfig
@@ -10,6 +10,7 @@ config IMA
select CRYPTO_HASH_INFO
select TCG_TPM if HAS_IOMEM && !UML
select TCG_TIS if TCG_TPM && X86
+ select TCG_CRB if TCG_TPM && ACPI
select TCG_IBMVTPM if TCG_TPM && PPC_PSERIES
help
The Trusted Computing Group(TCG) runtime Integrity