You need to sign in or sign up before continuing.
[redhat] New configs in security/keys
Upstream's CONFIG_TRUSTED_KEYS was split-add-ed to:
TRUSTED_KEYS (tristate)
TRUSTED_KEYS_TPM (bool) (depends on TCG_TPM >= TRUSTED_KEYS)
TRUSTED_KEYS_TEE (bool) (depends on TEE >= TRUSTED_KEYS)
TRUSTED_KEYS_CAAM (bool) (depends on CRYPTO_DEV_FSL_CAAM_JR >= TRUSTED_KEYS)
by:
e9c5048c2de1 KEYS: trusted: Introduce support for NXP CAAM-based trusted keys
be07858fbf81 KEYS: trusted: allow use of TEE as backend without TCG_TPM support
We have dependences here:
common/generic/CONFIG_TCG_TPM:CONFIG_TCG_TPM=y
common/generic/CONFIG_TEE:CONFIG_TEE=m
fedora/generic/arm/CONFIG_CRYPTO_DEV_FSL_CAAM_JR:CONFIG_CRYPTO_DEV_FSL_CAAM_JR=m
Just follow what we have currently:
TRUSTED_KEYS=y both Fedora and ELN
TRUSTED_KEYS_TPM=y both, we need this in CS, deps are ok
TRUSTED_KEYS_TEE=y both, deps are NOT ok, leave it =y
TRUSTED_KEYS_CAAM=y fedora/arm, no CAAM devices in ELN, deps are NOT ok, leave it =y
TRUSTED_KEYS_TEE and TRUSTED_KEYS_CAAM will be enabled automatically in
future as soon as CONFIG_TEE and CRYPTO_DEV_FSL_CAAM_JR change to =y.
Meanwhile, they have no effect.
Edited by Vladis Dronov