[apparmor] [PATCH] apparmor: Fix build error when CRYPTO_SHA1=m
Tyler Hicks
tyhicks at canonical.com
Thu Oct 23 15:54:28 UTC 2014
On 2014-10-23 11:50:28, Seth Arnold wrote:
> On Thu, Oct 23, 2014 at 11:21:22AM -0400, Tyler Hicks wrote:
> > The AppArmor profile hashing feature, configured by
> > CONFIG_SECURITY_APPARMOR_HASH, uses SHA-1 as the hashing algorithm and
> > selects CRYPTO_SHA1. However, by depending on CRYPTO, instead of
> > selecting it, the tristates CRYPTO and CRYPTO_SHA1 could both be
> > configured as modules. This causes a build error because LSMs must be
> > built-in and SECURITY_APPARMOR and SECURITY_APPARMOR_HASH are both
> > bools.
> >
> > Selecting CRYPTO solves the problem by enforcing that the crypto
> > subsystem and the SHA-1 code are built-in when
> > CONFIG_SECURITY_APPARMOR_HASH is selected.
>
> Do we also need to select CRYPTO_HASH? CRYPTO_SHA1 depends upon it, too.
Since CRYPTO_SHA1 selects CRYPTO_HASH, we're good. I followed the lead
of other subsystems that have the same type of dependency.
>
> > Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
>
> Acked-by: Seth Arnold <seth.arnold at canonical.com>
Thank you!
Tyler
>
> Thanks
>
> > ---
> > security/apparmor/Kconfig | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/security/apparmor/Kconfig b/security/apparmor/Kconfig
> > index d49c539..232469b 100644
> > --- a/security/apparmor/Kconfig
> > +++ b/security/apparmor/Kconfig
> > @@ -33,7 +33,7 @@ config SECURITY_APPARMOR_BOOTPARAM_VALUE
> > config SECURITY_APPARMOR_HASH
> > bool "SHA1 hash of loaded profiles"
> > depends on SECURITY_APPARMOR
> > - depends on CRYPTO
> > + select CRYPTO
> > select CRYPTO_SHA1
> > default y
> >
> > --
> > 2.1.0
> >
> >
> > --
> > AppArmor mailing list
> > AppArmor at lists.ubuntu.com
> > Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
> >
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20141023/1ef5b00d/attachment.pgp>
More information about the AppArmor
mailing list