mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-09-18 22:14:16 +00:00
Revert "fscrypt: relax Kconfig dependencies for crypto API algorithms"
This mostly reverts commit a0fc20333e.
Keep the relevant parts of the comment added by that commit.
The problem with that commit is that it allowed people to create broken
configurations that enabled FS_ENCRYPTION but not the mandatory
algorithms. An example of this can be found here:
https://lore.kernel.org/r/1207325.1737387826@warthog.procyon.org.uk/
The commit did allow people to disable specific generic algorithm
implementations that aren't needed. But that at best allowed saving a
bit of code. In the real world people are unlikely to intentionally and
correctly make such a tweak anyway, as they tend to just be confused by
what all the different crypto kconfig options mean.
Of course we really need the crypto API to enable the correct
implementations automatically, but that's for a later fix.
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Cc: David Howells <dhowells@redhat.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Link: https://lore.kernel.org/r/20250217185314.27345-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
This commit is contained in:
Eric Biggers
parent
0ad2507d5d
commit
75eb8b9410
1 changed files with 8 additions and 12 deletions
|
|
@ -24,20 +24,16 @@ config FS_ENCRYPTION
|
|||
#
|
||||
# Also note that this option only pulls in the generic implementations of the
|
||||
# algorithms, not any per-architecture optimized implementations. It is
|
||||
# strongly recommended to enable optimized implementations too. It is safe to
|
||||
# disable these generic implementations if corresponding optimized
|
||||
# implementations will always be available too; for this reason, these are soft
|
||||
# dependencies ('imply' rather than 'select'). Only disable these generic
|
||||
# implementations if you're sure they will never be needed, though.
|
||||
# strongly recommended to enable optimized implementations too.
|
||||
config FS_ENCRYPTION_ALGS
|
||||
tristate
|
||||
imply CRYPTO_AES
|
||||
imply CRYPTO_CBC
|
||||
imply CRYPTO_CTS
|
||||
imply CRYPTO_ECB
|
||||
imply CRYPTO_HMAC
|
||||
imply CRYPTO_SHA512
|
||||
imply CRYPTO_XTS
|
||||
select CRYPTO_AES
|
||||
select CRYPTO_CBC
|
||||
select CRYPTO_CTS
|
||||
select CRYPTO_ECB
|
||||
select CRYPTO_HMAC
|
||||
select CRYPTO_SHA512
|
||||
select CRYPTO_XTS
|
||||
|
||||
config FS_ENCRYPTION_INLINE_CRYPT
|
||||
bool "Enable fscrypt to use inline crypto"
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue