[PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG
@ 2026-03-21 22:42 Eric Biggers
  2026-03-24 23:46 ` Mimi Zohar
  0 siblings, 1 reply; 4+ messages in thread
From: Eric Biggers @ 2026-03-21 22:42 UTC (permalink / raw)
  To: keyrings, Jarkko Sakkinen, David Howells, Mimi Zohar
  Cc: linux-kernel, Eric Biggers

encrypted-keys uses the regular Linux RNG (get_random_bytes()), not the
duplicative crypto_rng one.  So it does not need to select CRYPTO_RNG.

Signed-off-by: Eric Biggers <ebiggers@kernel.org>
---

This patch is targeting the keyrings tree

 security/keys/Kconfig | 1 -
 1 file changed, 1 deletion(-)

diff --git a/security/keys/Kconfig b/security/keys/Kconfig
index 84f39e50ca36..f4510d8cb485 100644
--- a/security/keys/Kconfig
+++ b/security/keys/Kconfig
@@ -85,11 +85,10 @@ config ENCRYPTED_KEYS
 	tristate "ENCRYPTED KEYS"
 	select CRYPTO
 	select CRYPTO_AES
 	select CRYPTO_CBC
 	select CRYPTO_LIB_SHA256
-	select CRYPTO_RNG
 	help
 	  This option provides support for create/encrypting/decrypting keys
 	  in the kernel.  Encrypted keys are instantiated using kernel
 	  generated random numbers or provided decrypted data, and are
 	  encrypted/decrypted with a 'master' symmetric key. The 'master'

base-commit: 113ae7b4decc6c2d95bdbbe52e615a0137ef7f9f
-- 
2.53.0


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG
  2026-03-21 22:42 [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG Eric Biggers
@ 2026-03-24 23:46 ` Mimi Zohar
  2026-03-25  0:02   ` Eric Biggers
  0 siblings, 1 reply; 4+ messages in thread
From: Mimi Zohar @ 2026-03-24 23:46 UTC (permalink / raw)
  To: Eric Biggers, keyrings, Jarkko Sakkinen, David Howells; +Cc: linux-kernel

Hi Eric,

On Sat, 2026-03-21 at 15:42 -0700, Eric Biggers wrote:
> encrypted-keys uses the regular Linux RNG (get_random_bytes()), not the
> duplicative crypto_rng one.  So it does not need to select CRYPTO_RNG.
> 
> Signed-off-by: Eric Biggers <ebiggers@kernel.org>

Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>

> ---
> 
> This patch is targeting the keyrings tree

Not sure what you mean by targeting the keyrings tree. I can definitely queue
it.

> 
>  security/keys/Kconfig | 1 -
>  1 file changed, 1 deletion(-)
> 
> diff --git a/security/keys/Kconfig b/security/keys/Kconfig
> index 84f39e50ca36..f4510d8cb485 100644
> --- a/security/keys/Kconfig
> +++ b/security/keys/Kconfig
> @@ -85,11 +85,10 @@ config ENCRYPTED_KEYS
>  	tristate "ENCRYPTED KEYS"
>  	select CRYPTO
>  	select CRYPTO_AES
>  	select CRYPTO_CBC
>  	select CRYPTO_LIB_SHA256
> -	select CRYPTO_RNG
>  	help
>  	  This option provides support for create/encrypting/decrypting keys
>  	  in the kernel.  Encrypted keys are instantiated using kernel
>  	  generated random numbers or provided decrypted data, and are
>  	  encrypted/decrypted with a 'master' symmetric key. The 'master'
> 
> base-commit: 113ae7b4decc6c2d95bdbbe52e615a0137ef7f9f

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG
  2026-03-24 23:46 ` Mimi Zohar
@ 2026-03-25  0:02   ` Eric Biggers
  2026-04-04 20:09     ` Eric Biggers
  0 siblings, 1 reply; 4+ messages in thread
From: Eric Biggers @ 2026-03-25  0:02 UTC (permalink / raw)
  To: Mimi Zohar; +Cc: keyrings, Jarkko Sakkinen, David Howells, linux-kernel

On Tue, Mar 24, 2026 at 07:46:10PM -0400, Mimi Zohar wrote:
> Hi Eric,
> 
> On Sat, 2026-03-21 at 15:42 -0700, Eric Biggers wrote:
> > encrypted-keys uses the regular Linux RNG (get_random_bytes()), not the
> > duplicative crypto_rng one.  So it does not need to select CRYPTO_RNG.
> > 
> > Signed-off-by: Eric Biggers <ebiggers@kernel.org>
> 
> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
> 
> > ---
> > 
> > This patch is targeting the keyrings tree
> 
> Not sure what you mean by targeting the keyrings tree. I can definitely queue
> it.

Last time I sent a patch for encrypted-keys, Jarkko took it.  If you'd
like to take it instead, that's fine with me.  As long as someone does
it.  Thanks,

- Eric

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG
  2026-03-25  0:02   ` Eric Biggers
@ 2026-04-04 20:09     ` Eric Biggers
  0 siblings, 0 replies; 4+ messages in thread
From: Eric Biggers @ 2026-04-04 20:09 UTC (permalink / raw)
  To: Mimi Zohar; +Cc: keyrings, Jarkko Sakkinen, David Howells, linux-kernel

On Tue, Mar 24, 2026 at 05:02:27PM -0700, Eric Biggers wrote:
> On Tue, Mar 24, 2026 at 07:46:10PM -0400, Mimi Zohar wrote:
> > Hi Eric,
> > 
> > On Sat, 2026-03-21 at 15:42 -0700, Eric Biggers wrote:
> > > encrypted-keys uses the regular Linux RNG (get_random_bytes()), not the
> > > duplicative crypto_rng one.  So it does not need to select CRYPTO_RNG.
> > > 
> > > Signed-off-by: Eric Biggers <ebiggers@kernel.org>
> > 
> > Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
> > 
> > > ---
> > > 
> > > This patch is targeting the keyrings tree
> > 
> > Not sure what you mean by targeting the keyrings tree. I can definitely queue
> > it.
> 
> Last time I sent a patch for encrypted-keys, Jarkko took it.  If you'd
> like to take it instead, that's fine with me.  As long as someone does
> it.  Thanks,

Anyone planning to take this?  It's not in linux-next yet.

- Eric

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2026-04-04 20:10 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-03-21 22:42 [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG Eric Biggers
2026-03-24 23:46 ` Mimi Zohar
2026-03-25  0:02   ` Eric Biggers
2026-04-04 20:09     ` Eric Biggers

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox