evm: EVM_LOAD_X509 depends on EVM

The newly added EVM_LOAD_X509 code can be configured even if
CONFIG_EVM is disabled, but that causes a link error:

security/built-in.o: In function `integrity_load_keys':
digsig_asymmetric.c:(.init.text+0x400): undefined reference to `evm_load_x509'

This adds a Kconfig dependency to ensure it is only enabled when
CONFIG_EVM is set as well.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Fixes: 2ce523eb8976 ("evm: load x509 certificate from the kernel")
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

diff --git a/security/integrity/evm/Kconfig b/security/integrity/evm/Kconfig
index 913532c..e825e0a 100644 (file)
--- a/security/integrity/evm/Kconfig
+++ b/security/integrity/evm/Kconfig
@@ -44,7 +44,7 @@ config EVM_EXTRA_SMACK_XATTRS
 
 config EVM_LOAD_X509
        bool "Load an X509 certificate onto the '.evm' trusted keyring"
-       depends on INTEGRITY_TRUSTED_KEYRING
+       depends on EVM && INTEGRITY_TRUSTED_KEYRING
        default n
        help
           Load an X509 certificate onto the '.evm' trusted keyring.