From: Tyler Hicks <tyhicks@linux.microsoft.com>
Date: Tue, 23 Jun 2020 23:38:23 +0000 (-0500)
Subject: ima: AppArmor satisfies the audit rule requirements
X-Git-Tag: v5.9-rc1~124^2~2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1768215a650c612e7e68e779cfb50a8b55c2cf40;p=thirdparty%2Fkernel%2Flinux.git

ima: AppArmor satisfies the audit rule requirements

AppArmor meets all the requirements for IMA in terms of audit rules
since commit e79c26d04043 ("apparmor: Add support for audit rule
filtering"). Update IMA's Kconfig section for CONFIG_IMA_LSM_RULES to
reflect this.

Fixes: e79c26d04043 ("apparmor: Add support for audit rule filtering")
Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---

diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
index edde88dbe5766..794ebb5cbf74a 100644
--- a/security/integrity/ima/Kconfig
+++ b/security/integrity/ima/Kconfig
@@ -54,7 +54,7 @@ config IMA_MEASURE_PCR_IDX
 
 config IMA_LSM_RULES
 	bool
-	depends on IMA && AUDIT && (SECURITY_SELINUX || SECURITY_SMACK)
+	depends on IMA && AUDIT && (SECURITY_SELINUX || SECURITY_SMACK || SECURITY_APPARMOR)
 	default y
 	help
 	  Disabling this option will disregard LSM based policy rules.