redhat/configs: disable {IMA,EVM}_LOAD_X509

Bruno Meneguelerequested to merge
bmeneg/kernel-ark:ima-x509 into os-build

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1977529

This option was enabled by mistake (from my own part): this is only used for
allowing the option {IMA,EVM}_X509_PATH to be set with a specific path in
the system pointing to a valid X509 certificate, specific built for the
integrity subsystem. It turns out that we don't have such certificate and am
not sure it's going to be used anytime soon. In RHEL-8 we've allowed trusted
certificates to the integrity subsystem using the secure boot CA and the
certs used for the kernel build.

With these options set we have the following two error lines in dmesg:

integrity: Unable to open file: /etc/keys/x509_ima.der (-2)
integrity: Unable to open file: /etc/keys/x509_evm.der (-2)

Signed-off-by: Bruno Meneguele bmeneg@redhat.com

Merge request reports