Re: [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG

Next message: Jarkko Sakkinen: "Re: [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG"
Previous message: Miguel Ojeda: "Re: [PATCH v3 1/2] rust: kasan: KASAN+RUST requires clang"
Next in thread: Jarkko Sakkinen: "Re: [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jarkko Sakkinen

Date: Wed Apr 08 2026 - 04:42:28 EST

On Tue, Mar 24, 2026 at 07:46:10PM -0400, Mimi Zohar wrote:
> Hi Eric,
>
> On Sat, 2026-03-21 at 15:42 -0700, Eric Biggers wrote:
> > encrypted-keys uses the regular Linux RNG (get_random_bytes()), not the
> > duplicative crypto_rng one. So it does not need to select CRYPTO_RNG.
> >
> > Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx>
>
> Reviewed-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
>
> > ---
> >
> > This patch is targeting the keyrings tree
>
> Not sure what you mean by targeting the keyrings tree. I can definitely queue
> it.
>
> >
> > security/keys/Kconfig | 1 -
> > 1 file changed, 1 deletion(-)
> >
> > diff --git a/security/keys/Kconfig b/security/keys/Kconfig
> > index 84f39e50ca36..f4510d8cb485 100644
> > --- a/security/keys/Kconfig
> > +++ b/security/keys/Kconfig
> > @@ -85,11 +85,10 @@ config ENCRYPTED_KEYS
> > tristate "ENCRYPTED KEYS"
> > select CRYPTO
> > select CRYPTO_AES
> > select CRYPTO_CBC
> > select CRYPTO_LIB_SHA256
> > - select CRYPTO_RNG
> > help
> > This option provides support for create/encrypting/decrypting keys
> > in the kernel. Encrypted keys are instantiated using kernel
> > generated random numbers or provided decrypted data, and are
> > encrypted/decrypted with a 'master' symmetric key. The 'master'
> >
> > base-commit: 113ae7b4decc6c2d95bdbbe52e615a0137ef7f9f

I applied this.

BR, Jarkko