Re: [PATCH] lib/crypto: add prompts back to crypto libraries
From: Ard Biesheuvel
Date: Tue Jan 11 2022 - 17:25:14 EST
On Tue, 11 Jan 2022 at 23:12, Jason A. Donenfeld <Jason@xxxxxxxxx> wrote:
>
> Hi Justin,
>
> These are library variables, which means they really have no sense in
> being user selectable. Internal things to the kernel depend on them,
> or they don't. They're always only dependencies.
>
But what does any of this have to do with blake2s? These are unrelated
changes that are not even described in the commit log of the original
patch, so let's just revert them now. If changes are needed here, we
can discuss them on the linux-crypto mailing list after the merge
window.
> It sounds like CONFIG_BIG_KEYS might be declaring its dependencies
> wrong, and that's actually where the bug is? CC'ing David Howells just
> in case. Maybe things should be changed to:
>
> diff --git a/security/keys/Kconfig b/security/keys/Kconfig
> index 64b81abd087e..2f1624c9eed9 100644
> --- a/security/keys/Kconfig
> +++ b/security/keys/Kconfig
> @@ -60,7 +60,7 @@ config BIG_KEYS
> bool "Large payload keys"
> depends on KEYS
> depends on TMPFS
> - depends on CRYPTO_LIB_CHACHA20POLY1305 = y
> + select CRYPTO_LIB_CHACHA20POLY1305
> help
> This option provides support for holding large keys within the kernel
> (for example Kerberos ticket caches). The data may be stored out to
>
>
> Jason