powerpc/ima: Drop unnecessary check for CONFIG_MODULE_SIG

When CONFIG_MODULE_SIG is disabled set_module_sig_enforced() is defined
as an empty stub, so the check is unnecessary.

Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Aaron Tomlin <atomlin@atomlin.com>
Reviewed-by: Nicolas Schier <nsc@kernel.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

diff --git a/arch/powerpc/kernel/ima_arch.c b/arch/powerpc/kernel/ima_arch.c
index 0d8892a0352662b040922a48c4ec64412c3327a2..17f9304855e92e8dec52ee3881525879617b5117 100644 (file)
--- a/arch/powerpc/kernel/ima_arch.c
+++ b/arch/powerpc/kernel/ima_arch.c
@@ -58,8 +58,7 @@ static const char *const secure_and_trusted_rules[] = {
 const char *const *arch_get_ima_policy(void)
 {
        if (is_ppc_secureboot_enabled()) {
-               if (IS_ENABLED(CONFIG_MODULE_SIG))
-                       set_module_sig_enforced();
+               set_module_sig_enforced();
 
                if (is_ppc_trustedboot_enabled())
                        return secure_and_trusted_rules;