[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <10434.1459966209@warthog.procyon.org.uk>
Date: Wed, 06 Apr 2016 19:10:09 +0100
From: David Howells <dhowells@...hat.com>
To: Mimi Zohar <zohar@...ux.vnet.ibm.com>
Cc: dhowells@...hat.com, linux-security-module@...r.kernel.org,
keyrings@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] IMA: Use the system trusted keyrings instead of .ima_mok (update)
Mimi Zohar <zohar@...ux.vnet.ibm.com> wrote:
> I'm not sure what you're asking. If you're asking if the whole file can
> be include based on whether this option is enabled, then no.
No - but integrity_init_keyring() just returns if init_keyring is false - but
this is a variable and is assigned storage, despite the fact that its value is
only set at compile time as far as I can see.
David
Powered by blists - more mailing lists