git.ipfire.org Git - thirdparty/openwrt.git/blob

   1 From e7ed6473c2c8c4e45dd861bfa06e96189b11d8db Mon Sep 17 00:00:00 2001
   2 From: Herbert Xu <herbert@gondor.apana.org.au>
   3 Date: Mon, 6 Nov 2023 18:00:08 +0800
   4 Subject: [PATCH] crypto: jitterentropy - Hide esoteric Kconfig options under
   5  FIPS and EXPERT
   6
   7 As JITTERENTROPY is selected by default if you enable the CRYPTO
   8 API, any Kconfig options added there will show up for every single
   9 user.  Hide the esoteric options under EXPERT as well as FIPS so
  10 that only distro makers will see them.
  11
  12 Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
  13 Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  14 Reviewed-by: Stephan Mueller <smueller@chronox.de>
  15 Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  16 ---
  17  crypto/Kconfig | 28 +++++++++++++++++++++++++---
  18  1 file changed, 25 insertions(+), 3 deletions(-)
  19
  20 --- a/crypto/Kconfig
  21 +++ b/crypto/Kconfig
  22 @@ -1297,10 +1297,12 @@ config CRYPTO_JITTERENTROPY
  23
  24           See https://www.chronox.de/jent/
  25
  26 +if CRYPTO_JITTERENTROPY
  27 +if CRYPTO_FIPS && EXPERT
  28 +
  29  choice
  30         prompt "CPU Jitter RNG Memory Size"
  31         default CRYPTO_JITTERENTROPY_MEMSIZE_2
  32 -       depends on CRYPTO_JITTERENTROPY
  33         help
  34           The Jitter RNG measures the execution time of memory accesses.
  35           Multiple consecutive memory accesses are performed. If the memory
  36 @@ -1344,7 +1346,6 @@ config CRYPTO_JITTERENTROPY_OSR
  37         int "CPU Jitter RNG Oversampling Rate"
  38         range 1 15
  39         default 1
  40 -       depends on CRYPTO_JITTERENTROPY
  41         help
  42           The Jitter RNG allows the specification of an oversampling rate (OSR).
  43           The Jitter RNG operation requires a fixed amount of timing
  44 @@ -1359,7 +1360,6 @@ config CRYPTO_JITTERENTROPY_OSR
  45
  46  config CRYPTO_JITTERENTROPY_TESTINTERFACE
  47         bool "CPU Jitter RNG Test Interface"
  48 -       depends on CRYPTO_JITTERENTROPY
  49         help
  50           The test interface allows a privileged process to capture
  51           the raw unconditioned high resolution time stamp noise that
  52 @@ -1377,6 +1377,28 @@ config CRYPTO_JITTERENTROPY_TESTINTERFAC
  53
  54           If unsure, select N.
  55
  56 +endif  # if CRYPTO_FIPS && EXPERT
  57 +
  58 +if !(CRYPTO_FIPS && EXPERT)
  59 +
  60 +config CRYPTO_JITTERENTROPY_MEMORY_BLOCKS
  61 +       int
  62 +       default 64
  63 +
  64 +config CRYPTO_JITTERENTROPY_MEMORY_BLOCKSIZE
  65 +       int
  66 +       default 32
  67 +
  68 +config CRYPTO_JITTERENTROPY_OSR
  69 +       int
  70 +       default 1
  71 +
  72 +config CRYPTO_JITTERENTROPY_TESTINTERFACE
  73 +       bool
  74 +
  75 +endif  # if !(CRYPTO_FIPS && EXPERT)
  76 +endif  # if CRYPTO_JITTERENTROPY
  77 +
  78  config CRYPTO_KDF800108_CTR
  79         tristate
  80         select CRYPTO_HMAC