Comment 25 for bug 1866909

Afaict the ppc ima arch policy is about ensuring that signature verification is done for module loading and kexec, which in our kernel will be enforced by automatically turning on lockdown integrity mode under secure boot. So my conclusion is that CONFIG_MODULE_SIG_FORCE should stay off and CONFIG_IMA_ARCH_POLICY should be disabled.