evm: enable key retention service automatically If keys are not enabled, EVM is not visible in the configuration menu. It may be difficult to figure out what to do unless you really know. Other subsystems as NFS, CIFS select keys automatically. This patch does the same. This patch also removes '(TRUSTED_KEYS=y || TRUSTED_KEYS=n)' dependency, which is unnecessary. EVM does not depend on trusted keys, but on encrypted keys. evm.h provides compile time dependency. Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

commit: a3aef94b312ec51b5dfc199ef884924e60ad1b75 [log] [tgz]
author: Dmitry Kasatkin <d.kasatkin@samsung.com> Fri Feb 28 14:18:09 2014 +0200
committer: Mimi Zohar <zohar@linux.vnet.ibm.com> Fri Mar 07 12:15:49 2014 -0500
tree: d8701214ae5cc34eb70adba841fcb3e62c875bf8
parent: 1d91ac6213003f525ac34da5e39cbb6612d19deb [diff] [blame]
diff --git a/security/integrity/evm/Kconfig b/security/integrity/evm/Kconfig
index 5aa9103..d35b4915 100644
--- a/security/integrity/evm/Kconfig
+++ b/security/integrity/evm/Kconfig

@@ -1,9 +1,10 @@
 config EVM
 	boolean "EVM support"
-	depends on SECURITY && KEYS && (TRUSTED_KEYS=y || TRUSTED_KEYS=n)
+	depends on SECURITY
+	select KEYS
+	select ENCRYPTED_KEYS
 	select CRYPTO_HMAC
 	select CRYPTO_SHA1
-	select ENCRYPTED_KEYS
 	default n
 	help
 	  EVM protects a file's security extended attributes against
commit	a3aef94b312ec51b5dfc199ef884924e60ad1b75	[log] [tgz]
author	Dmitry Kasatkin <d.kasatkin@samsung.com>	Fri Feb 28 14:18:09 2014 +0200
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>	Fri Mar 07 12:15:49 2014 -0500
tree	d8701214ae5cc34eb70adba841fcb3e62c875bf8
parent	1d91ac6213003f525ac34da5e39cbb6612d19deb [diff] [blame]