From: Mimi Zohar <zohar@linux.ibm.com>
To: Eric Biggers <ebiggers@kernel.org>,
keyrings@vger.kernel.org, Jarkko Sakkinen <jarkko@kernel.org>,
David Howells <dhowells@redhat.com>
Cc: linux-kernel@vger.kernel.org
Subject: Re: [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG
Date: Tue, 24 Mar 2026 19:46:10 -0400 [thread overview]
Message-ID: <e77dc41b88d60377b81a0cdff4e3823d8aafe98a.camel@linux.ibm.com> (raw)
In-Reply-To: <20260321224218.60418-1-ebiggers@kernel.org>
Hi Eric,
On Sat, 2026-03-21 at 15:42 -0700, Eric Biggers wrote:
> encrypted-keys uses the regular Linux RNG (get_random_bytes()), not the
> duplicative crypto_rng one. So it does not need to select CRYPTO_RNG.
>
> Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
> ---
>
> This patch is targeting the keyrings tree
Not sure what you mean by targeting the keyrings tree. I can definitely queue
it.
>
> security/keys/Kconfig | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/security/keys/Kconfig b/security/keys/Kconfig
> index 84f39e50ca36..f4510d8cb485 100644
> --- a/security/keys/Kconfig
> +++ b/security/keys/Kconfig
> @@ -85,11 +85,10 @@ config ENCRYPTED_KEYS
> tristate "ENCRYPTED KEYS"
> select CRYPTO
> select CRYPTO_AES
> select CRYPTO_CBC
> select CRYPTO_LIB_SHA256
> - select CRYPTO_RNG
> help
> This option provides support for create/encrypting/decrypting keys
> in the kernel. Encrypted keys are instantiated using kernel
> generated random numbers or provided decrypted data, and are
> encrypted/decrypted with a 'master' symmetric key. The 'master'
>
> base-commit: 113ae7b4decc6c2d95bdbbe52e615a0137ef7f9f
next prev parent reply other threads:[~2026-03-24 23:46 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-21 22:42 [PATCH] KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG Eric Biggers
2026-03-24 23:46 ` Mimi Zohar [this message]
2026-03-25 0:02 ` Eric Biggers
2026-04-04 20:09 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e77dc41b88d60377b81a0cdff4e3823d8aafe98a.camel@linux.ibm.com \
--to=zohar@linux.ibm.com \
--cc=dhowells@redhat.com \
--cc=ebiggers@kernel.org \
--cc=jarkko@kernel.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox