ima: efi: Drop unnecessary check for CONFIG_MODULE_SIG/CONFIG_KEXEC_SIG

When configuration settings are disabled the guarded functions are
defined as empty stubs, so the check is unnecessary.

Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Aaron Tomlin <atomlin@atomlin.com>
Reviewed-by: Nicolas Schier <nsc@kernel.org>
[zohar@linux.ibm.com: fixed merge conflict with commit 63e8a44395a4]
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

diff --git a/security/integrity/ima/ima_efi.c b/security/integrity/ima/ima_efi.c
index 78191879dd98f5ad8978fac9bbe59982ebd2e58b..bca57d836cb965bd39b01a2f1e564c3ae6872204 100644 (file)
--- a/security/integrity/ima/ima_efi.c
+++ b/security/integrity/ima/ima_efi.c
@@ -25,10 +25,8 @@ static const char * const sb_arch_rules[] = {
 const char * const *arch_get_ima_policy(void)
 {
        if (IS_ENABLED(CONFIG_IMA_ARCH_POLICY) && arch_get_secureboot()) {
-               if (IS_ENABLED(CONFIG_MODULE_SIG))
-                       set_module_sig_enforced();
-               if (IS_ENABLED(CONFIG_KEXEC_SIG))
-                       set_kexec_sig_enforced();
+               set_module_sig_enforced();
+               set_kexec_sig_enforced();
                return sb_arch_rules;
        }
        return NULL;