* [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG
@ 2026-03-21 22:42 Eric Biggers
2026-03-24 23:46 ` Mimi Zohar
0 siblings, 1 reply; 4+ messages in thread
From: Eric Biggers @ 2026-03-21 22:42 UTC (permalink / raw)
To: keyrings, Jarkko Sakkinen, David Howells, Mimi Zohar
Cc: linux-kernel, Eric Biggers
encrypted-keys uses the regular Linux RNG (get_random_bytes()), not the
duplicative crypto_rng one. So it does not need to select CRYPTO_RNG.
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
---
This patch is targeting the keyrings tree
security/keys/Kconfig | 1 -
1 file changed, 1 deletion(-)
diff --git a/security/keys/Kconfig b/security/keys/Kconfig
index 84f39e50ca36..f4510d8cb485 100644
--- a/security/keys/Kconfig
+++ b/security/keys/Kconfig
@@ -85,11 +85,10 @@ config ENCRYPTED_KEYS
tristate "ENCRYPTED KEYS"
select CRYPTO
select CRYPTO_AES
select CRYPTO_CBC
select CRYPTO_LIB_SHA256
- select CRYPTO_RNG
help
This option provides support for create/encrypting/decrypting keys
in the kernel. Encrypted keys are instantiated using kernel
generated random numbers or provided decrypted data, and are
encrypted/decrypted with a 'master' symmetric key. The 'master'
base-commit: 113ae7b4decc6c2d95bdbbe52e615a0137ef7f9f
--
2.53.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG
2026-03-21 22:42 [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG Eric Biggers
@ 2026-03-24 23:46 ` Mimi Zohar
2026-03-25 0:02 ` Eric Biggers
0 siblings, 1 reply; 4+ messages in thread
From: Mimi Zohar @ 2026-03-24 23:46 UTC (permalink / raw)
To: Eric Biggers, keyrings, Jarkko Sakkinen, David Howells; +Cc: linux-kernel
Hi Eric,
On Sat, 2026-03-21 at 15:42 -0700, Eric Biggers wrote:
> encrypted-keys uses the regular Linux RNG (get_random_bytes()), not the
> duplicative crypto_rng one. So it does not need to select CRYPTO_RNG.
>
> Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
> ---
>
> This patch is targeting the keyrings tree
Not sure what you mean by targeting the keyrings tree. I can definitely queue
it.
>
> security/keys/Kconfig | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/security/keys/Kconfig b/security/keys/Kconfig
> index 84f39e50ca36..f4510d8cb485 100644
> --- a/security/keys/Kconfig
> +++ b/security/keys/Kconfig
> @@ -85,11 +85,10 @@ config ENCRYPTED_KEYS
> tristate "ENCRYPTED KEYS"
> select CRYPTO
> select CRYPTO_AES
> select CRYPTO_CBC
> select CRYPTO_LIB_SHA256
> - select CRYPTO_RNG
> help
> This option provides support for create/encrypting/decrypting keys
> in the kernel. Encrypted keys are instantiated using kernel
> generated random numbers or provided decrypted data, and are
> encrypted/decrypted with a 'master' symmetric key. The 'master'
>
> base-commit: 113ae7b4decc6c2d95bdbbe52e615a0137ef7f9f
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG
2026-03-24 23:46 ` Mimi Zohar
@ 2026-03-25 0:02 ` Eric Biggers
2026-04-04 20:09 ` Eric Biggers
0 siblings, 1 reply; 4+ messages in thread
From: Eric Biggers @ 2026-03-25 0:02 UTC (permalink / raw)
To: Mimi Zohar; +Cc: keyrings, Jarkko Sakkinen, David Howells, linux-kernel
On Tue, Mar 24, 2026 at 07:46:10PM -0400, Mimi Zohar wrote:
> Hi Eric,
>
> On Sat, 2026-03-21 at 15:42 -0700, Eric Biggers wrote:
> > encrypted-keys uses the regular Linux RNG (get_random_bytes()), not the
> > duplicative crypto_rng one. So it does not need to select CRYPTO_RNG.
> >
> > Signed-off-by: Eric Biggers <ebiggers@kernel.org>
>
> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
>
> > ---
> >
> > This patch is targeting the keyrings tree
>
> Not sure what you mean by targeting the keyrings tree. I can definitely queue
> it.
Last time I sent a patch for encrypted-keys, Jarkko took it. If you'd
like to take it instead, that's fine with me. As long as someone does
it. Thanks,
- Eric
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG
2026-03-25 0:02 ` Eric Biggers
@ 2026-04-04 20:09 ` Eric Biggers
0 siblings, 0 replies; 4+ messages in thread
From: Eric Biggers @ 2026-04-04 20:09 UTC (permalink / raw)
To: Mimi Zohar; +Cc: keyrings, Jarkko Sakkinen, David Howells, linux-kernel
On Tue, Mar 24, 2026 at 05:02:27PM -0700, Eric Biggers wrote:
> On Tue, Mar 24, 2026 at 07:46:10PM -0400, Mimi Zohar wrote:
> > Hi Eric,
> >
> > On Sat, 2026-03-21 at 15:42 -0700, Eric Biggers wrote:
> > > encrypted-keys uses the regular Linux RNG (get_random_bytes()), not the
> > > duplicative crypto_rng one. So it does not need to select CRYPTO_RNG.
> > >
> > > Signed-off-by: Eric Biggers <ebiggers@kernel.org>
> >
> > Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
> >
> > > ---
> > >
> > > This patch is targeting the keyrings tree
> >
> > Not sure what you mean by targeting the keyrings tree. I can definitely queue
> > it.
>
> Last time I sent a patch for encrypted-keys, Jarkko took it. If you'd
> like to take it instead, that's fine with me. As long as someone does
> it. Thanks,
Anyone planning to take this? It's not in linux-next yet.
- Eric
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2026-04-04 20:10 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-03-21 22:42 [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG Eric Biggers
2026-03-24 23:46 ` Mimi Zohar
2026-03-25 0:02 ` Eric Biggers
2026-04-04 20:09 ` Eric Biggers
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox