From: Takashi Iwai <tiwai@suse.de>
Subject: [PATCH] ima: Fix undefined arch_ima_get_secureboot() and co
Date: Mon, 13 Dec 2021 17:11:45 +0100
Message-Id: <20211213161145.3447-1-tiwai@suse.de>
Git-commit: 54bf7fa3efd08eea03e4bac04e188ee3db6173a7
Patch-mainline: v5.17-rc1
References: bsc#1193674

Currently arch_ima_get_secureboot() and arch_get_ima_policy() are
defined only when CONFIG_IMA is set, and this makes the code calling
those functions without CONFIG_IMA failing.  Although there is no such
in-tree users, but the out-of-tree users already hit it.

Move the declaration and the dummy definition of those functions
outside ifdef-CONFIG_IMA block for fixing the undefined symbols.

Signed-off-by: Takashi Iwai <tiwai@suse.de>

---
 include/linux/ima.h |   30 +++++++++++++++---------------
 1 file changed, 15 insertions(+), 15 deletions(-)

--- a/include/linux/ima.h
+++ b/include/linux/ima.h
@@ -48,21 +48,6 @@ static inline void ima_appraise_parse_cm
 extern void ima_add_kexec_buffer(struct kimage *image);
 #endif
 
-#ifdef CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT
-extern bool arch_ima_get_secureboot(void);
-extern const char * const *arch_get_ima_policy(void);
-#else
-static inline bool arch_ima_get_secureboot(void)
-{
-	return false;
-}
-
-static inline const char * const *arch_get_ima_policy(void)
-{
-	return NULL;
-}
-#endif
-
 #else
 static inline int ima_bprm_check(struct linux_binprm *bprm)
 {
@@ -144,6 +129,21 @@ static inline void ima_measure_critical_
 
 #endif /* CONFIG_IMA */
 
+#ifdef CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT
+extern bool arch_ima_get_secureboot(void);
+extern const char * const *arch_get_ima_policy(void);
+#else
+static inline bool arch_ima_get_secureboot(void)
+{
+	return false;
+}
+
+static inline const char * const *arch_get_ima_policy(void)
+{
+	return NULL;
+}
+#endif
+
 #ifndef CONFIG_IMA_KEXEC
 struct kimage;