printk: Wake up klogd using irq_work

[sfrench/cifs-2.6.git] / init / Kconfig

diff --git a/init/Kconfig b/init/Kconfig
index 89e4cf672dfe90e0d1fb75fb667d551dc7094f93..c575566be47d46801ac3af27c8ecf30494644696 100644 (file)
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -20,12 +20,8 @@ config CONSTRUCTORS
        bool
        depends on !UML
 
-config HAVE_IRQ_WORK
-       bool
-
 config IRQ_WORK
        bool
-       depends on HAVE_IRQ_WORK
 
 config BUILDTIME_EXTABLE_SORT
        bool
@@ -1200,6 +1196,7 @@ config HOTPLUG
 config PRINTK
        default y
        bool "Enable support for printk" if EXPERT
+       select IRQ_WORK
        help
          This option enables normal printk support. Removing it
          eliminates most of the message strings from the kernel image
@@ -1574,6 +1571,66 @@ config MODULE_SRCVERSION_ALL
          the version).  With this option, such a "srcversion" field
          will be created for all modules.  If unsure, say N.
 
+config MODULE_SIG
+       bool "Module signature verification"
+       depends on MODULES
+       select KEYS
+       select CRYPTO
+       select ASYMMETRIC_KEY_TYPE
+       select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+       select PUBLIC_KEY_ALGO_RSA
+       select ASN1
+       select OID_REGISTRY
+       select X509_CERTIFICATE_PARSER
+       help
+         Check modules for valid signatures upon load: the signature
+         is simply appended to the module. For more information see
+         Documentation/module-signing.txt.
+
+         !!!WARNING!!!  If you enable this option, you MUST make sure that the
+         module DOES NOT get stripped after being signed.  This includes the
+         debuginfo strip done by some packagers (such as rpmbuild) and
+         inclusion into an initramfs that wants the module size reduced.
+
+config MODULE_SIG_FORCE
+       bool "Require modules to be validly signed"
+       depends on MODULE_SIG
+       help
+         Reject unsigned modules or signed modules for which we don't have a
+         key.  Without this, such modules will simply taint the kernel.
+
+choice
+       prompt "Which hash algorithm should modules be signed with?"
+       depends on MODULE_SIG
+       help
+         This determines which sort of hashing algorithm will be used during
+         signature generation.  This algorithm _must_ be built into the kernel
+         directly so that signature verification can take place.  It is not
+         possible to load a signed module containing the algorithm to check
+         the signature on that module.
+
+config MODULE_SIG_SHA1
+       bool "Sign modules with SHA-1"
+       select CRYPTO_SHA1
+
+config MODULE_SIG_SHA224
+       bool "Sign modules with SHA-224"
+       select CRYPTO_SHA256
+
+config MODULE_SIG_SHA256
+       bool "Sign modules with SHA-256"
+       select CRYPTO_SHA256
+
+config MODULE_SIG_SHA384
+       bool "Sign modules with SHA-384"
+       select CRYPTO_SHA512
+
+config MODULE_SIG_SHA512
+       bool "Sign modules with SHA-512"
+       select CRYPTO_SHA512
+
+endchoice
+
 endif # MODULES
 
 config INIT_ALL_POSSIBLE
@@ -1607,4 +1664,12 @@ config PADATA
 config BROKEN_RODATA
        bool
 
+config ASN1
+       tristate
+       help
+         Build a simple ASN.1 grammar compiler that produces a bytecode output
+         that can be interpreted by the ASN.1 stream decoder and used to
+         inform it as to what tags are to be expected in a stream and what
+         functions to call on what tags.
+
 source "kernel/Kconfig.locks"