On 11/30/19 5:42 PM, Linus Torvalds wrote:
[ Only tangentially related to the power parts ]
On Sat, Nov 30, 2019 at 2:41 AM Michael Ellerman <m...@ellerman.id.au> wrote:
There's some changes in security/integrity as part of the secure boot work. They
were all either written by or acked/reviewed by Mimi.
-#if (defined(CONFIG_X86) && defined(CONFIG_EFI)) || defined(CONFIG_S390)
+#if (defined(CONFIG_X86) && defined(CONFIG_EFI)) || defined(CONFIG_S390) \
+ || defined(CONFIG_PPC_SECURE_BOOT)
This clearly should be its own CONFIG variable, and be generated by
having the different architectures just select it.
IOW, IMA should probably have a
config IMA_SECURE_BOOT
and then s390 would just do the select unconditionally, while x86 and
ppc would do
select IMA_SECURE_BOOT if EFI
and
select IMA_SECURE_BOOT if PPC_SECURE_BOOT
respectively.
And then we wouldn't have random architectures adding random "me me me
tooo!!!" type code.
Thanks Linus for your feedback. I will do the patch for Kconfig cleanup.
Thanks & Regards,
- Nayna
