| From 82c04ff89eba09d0e46e3f3649c6d3aa18e764a0 Mon Sep 17 00:00:00 2001 |
| From: Peter Foley <pefoley2@pefoley.com> |
| Date: Fri, 18 Apr 2014 15:07:11 -0700 |
| Subject: init/Kconfig: move the trusted keyring config option to general setup |
| |
| From: Peter Foley <pefoley2@pefoley.com> |
| |
| commit 82c04ff89eba09d0e46e3f3649c6d3aa18e764a0 upstream. |
| |
| The SYSTEM_TRUSTED_KEYRING config option is not in any menu, causing it |
| to show up in the toplevel of the kernel configuration. Fix this by |
| moving it under the General Setup menu. |
| |
| Signed-off-by: Peter Foley <pefoley2@pefoley.com> |
| Cc: David Howells <dhowells@redhat.com> |
| Signed-off-by: Andrew Morton <akpm@linux-foundation.org> |
| Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| init/Kconfig | 24 ++++++++++++------------ |
| 1 file changed, 12 insertions(+), 12 deletions(-) |
| |
| --- a/init/Kconfig |
| +++ b/init/Kconfig |
| @@ -1621,6 +1621,18 @@ config MMAP_ALLOW_UNINITIALIZED |
| |
| See Documentation/nommu-mmap.txt for more information. |
| |
| +config SYSTEM_TRUSTED_KEYRING |
| + bool "Provide system-wide ring of trusted keys" |
| + depends on KEYS |
| + help |
| + Provide a system keyring to which trusted keys can be added. Keys in |
| + the keyring are considered to be trusted. Keys may be added at will |
| + by the kernel from compiled-in data and from hardware key stores, but |
| + userspace may only add extra keys if those keys can be verified by |
| + keys already in the keyring. |
| + |
| + Keys in this keyring are used by module signature checking. |
| + |
| config PROFILING |
| bool "Profiling support" |
| help |
| @@ -1656,18 +1668,6 @@ config BASE_SMALL |
| default 0 if BASE_FULL |
| default 1 if !BASE_FULL |
| |
| -config SYSTEM_TRUSTED_KEYRING |
| - bool "Provide system-wide ring of trusted keys" |
| - depends on KEYS |
| - help |
| - Provide a system keyring to which trusted keys can be added. Keys in |
| - the keyring are considered to be trusted. Keys may be added at will |
| - by the kernel from compiled-in data and from hardware key stores, but |
| - userspace may only add extra keys if those keys can be verified by |
| - keys already in the keyring. |
| - |
| - Keys in this keyring are used by module signature checking. |
| - |
| menuconfig MODULES |
| bool "Enable loadable module support" |
| option modules |