| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 20 Oct 2009 16:12:38 -0400 From: Mimi Zohar <zohar@...ux.vnet.ibm.com> To: linux-kernel@...r.kernel.org Cc: Mimi Zohar <zohar@...ux.vnet.ibm.com>, Jean-Christophe Dubois <jcd@...budubois.net>, James Morris <jmorris@...ei.org>, David Safford <safford@...son.ibm.com>, Mimi Zohar <zohar@...ibm.com> Subject: [PATCH] ima: remove ACPI dependency Remove ACPI dependency on systems without a TPM enabled. Reported-by: Jean-Christophe Dubois <jcd@...budubois.net> Signed-off-by: Mimi Zohar <zohar@...ibm.com> --- security/integrity/ima/Kconfig | 16 +++++++--------- 1 files changed, 7 insertions(+), 9 deletions(-) diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig index 53d9764..3ca39e7 100644 --- a/security/integrity/ima/Kconfig +++ b/security/integrity/ima/Kconfig @@ -2,14 +2,12 @@ # config IMA bool "Integrity Measurement Architecture(IMA)" - depends on ACPI select SECURITYFS select CRYPTO select CRYPTO_HMAC select CRYPTO_MD5 select CRYPTO_SHA1 - select TCG_TPM - select TCG_TIS + select ACPI if TCG_TPM help The Trusted Computing Group(TCG) runtime Integrity Measurement Architecture(IMA) maintains a list of hash @@ -18,12 +16,12 @@ config IMA to change the contents of an important system file being measured, we can tell. - If your system has a TPM chip, then IMA also maintains - an aggregate integrity value over this list inside the - TPM hardware, so that the TPM can prove to a third party - whether or not critical system files have been modified. - Read <http://www.usenix.org/events/sec04/tech/sailer.html> - to learn more about IMA. + If your system has a TPM chip, and it is enabled, then + IMA also maintains an aggregate integrity value over + this list inside the TPM hardware, so that the TPM can + prove to a third party whether or not critical system + files have been modified. To learn more about IMA, read + <http://www.usenix.org/events/sec04/tech/sailer.html> If unsure, say N. config IMA_MEASURE_PCR_IDX -- 1.6.0.6 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists