How should we handle a bool depending on a tristate?

From: David Howells
Date: Mon May 18 2020 - 12:01:03 EST

Next message: Jonathan Albrieux: "Re: [PATCH 3/3] iio: magnetometer: ak8975: Add gpio reset support"
Previous message: Arnaldo Carvalho de Melo: "Re: [PATCH v3 3/3] perf docs: introduce security.txt file to document related issues"
In reply to: Stephen Rothwell: "linux-next: build failure after merge of the keys tree"
Next in thread: Linus Torvalds: "Re: How should we handle a bool depending on a tristate?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx> wrote:

> After merging the keys tree, today's linux-next build (x86_64
> allmodconfig) failed like this:
>
> x86_64-linux-gnu-ld: security/keys/big_key.o: in function `big_key_read':
> big_key.c:(.text+0x562): undefined reference to `chacha20poly1305_decrypt'
> x86_64-linux-gnu-ld: security/keys/big_key.o: in function `big_key_preparse':
> big_key.c:(.text+0x825): undefined reference to `chacha20poly1305_encrypt'
>
> Caused by commit
>
> e0a715753a88 ("security/keys: rewrite big_key crypto to use library interface")
>
> I have used the version from next-20200512 again tdoay.

Blech. Yeah. "depends on" doesn't work either. The problem actually lies
within the Kconfig framework. It doesn't know how to handle a bool depending
on a tristate.

So the issue is that with Jason's patch, we now have:

config BIG_KEYS
bool "Large payload keys"
depends on KEYS
depends on TMPFS
depends on CRYPTO_LIB_CHACHA20POLY1305

...

config CRYPTO_LIB_CHACHA20POLY1305
tristate "ChaCha20-Poly1305 AEAD support (8-byte nonce library version)"
depends on CRYPTO_ARCH_HAVE_LIB_CHACHA || !CRYPTO_ARCH_HAVE_LIB_CHACHA
depends on CRYPTO_ARCH_HAVE_LIB_POLY1305 || !CRYPTO_ARCH_HAVE_LIB_POLY1305
select CRYPTO_LIB_CHACHA
select CRYPTO_LIB_POLY1305

But you're allowed to set CONFIG_CRYPTO_LIB_CHACHA20POLY1305=m.

Using "select" instead can lead to warnings about circular dependencies and,
in any case, doesn't propagate the selection up the tree.

Also, in this case, having BIG_KEYS select everything isn't practical as
CRYPTO_LIB_CHACHA20POLY1305 has a logical-XOR in its depends on.

I think one or more of the following things need to happen:

(1) The configurator needs to give an error if it detects this.

(2) The configurator needs to propagate select rootwards.

(3) The configurator needs to propagate "=y" rootwards over depends on,
prohibiting "=m".

(4) The BIG_KEYS config needs to switch to a tristate.[*]

Do we have a preference?

David

[*] Note there have been situations where switching to a tristate isn't
technically an option because the dependency target was required during
boot (crypto used by module checking, for example), but we've just had to
work around it and hope whoever was configuring the kernel built
everything in.

Next message: Jonathan Albrieux: "Re: [PATCH 3/3] iio: magnetometer: ak8975: Add gpio reset support"
Previous message: Arnaldo Carvalho de Melo: "Re: [PATCH v3 3/3] perf docs: introduce security.txt file to document related issues"
In reply to: Stephen Rothwell: "linux-next: build failure after merge of the keys tree"
Next in thread: Linus Torvalds: "Re: How should we handle a bool depending on a tristate?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]