git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Chuck Lever <chuck.lever@oracle.com>
	Mon, 27 Apr 2026 13:51:00 +0000 (09:51 -0400)
committer	Chuck Lever <cel@kernel.org>
	Tue, 9 Jun 2026 20:32:59 +0000 (16:32 -0400)
commit	c331c8eaa20211d99181f1a1cf8d5a83b119dcb6
tree	cb5d016ec4cbce890992f5acf78d6400297392ee	tree \| snapshot
parent	979accbc6bcb551b095b678a6f0c41899080ccd1	commit \| diff

SUNRPC: Remove per-enctype Kconfig options

The RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA1,
RPCSEC_GSS_KRB5_ENCTYPES_CAMELLIA, and
RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA2 Kconfig options
originally gated both algorithm availability and the
advertised enctype list. Now that per-message crypto
operations are routed through crypto/krb5, these options
control only which enctype numbers appear in the gssd
upcall string; the underlying algorithms are always
present.

Remove the per-enctype Kconfig options and replace the
ifdef-gated enctype table with a candidate list looked
up in the crypto/krb5 enctype table at module init
time. Each enctype is included in the advertised list
only if crypto_krb5_find_enctype() finds it in the
library's enctype table. When a new enctype is added
to crypto/krb5, adding its constant to the candidate
array is sufficient to begin advertising it.

Assisted-by: Claude:claude-opus-4-6
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Acked-by: Anna Schumaker <anna.schumaker@hammerspace.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>

net/sunrpc/Kconfig		diff \| blob \| blame \| history
net/sunrpc/auth_gss/gss_krb5_mech.c		diff \| blob \| blame \| history