crypto_stdrng_get_bytes() is now always available:
- When CRYPTO_FIPS=n it is an inline function that always calls into
the always-built-in drivers/char/random.c.
- When CRYPTO_FIPS=y it is an inline function that calls into either
random.c or crypto/rng.c, depending on the value of fips_enabled.
The former is again always built-in. The latter is built-in as
well in this case, due to CRYPTO_FIPS=y.
Thus, the CRYPTO_RNG_DEFAULT symbol is no longer needed. Remove it.
This makes it so that CRYPTO_DRBG_MENU (and hence also CRYPTO_DRBG,
CRYPTO_JITTERENTROPY, and CRYPTO_LIB_SHA3) no longer gets unnecessarily
pulled into CRYPTO_FIPS=n kernels. I.e. CRYPTO_FIPS=n kernels are no
longer bloated with code that is relevant only to FIPS certifications.
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
tristate
select CRYPTO_ALGAPI2
-config CRYPTO_RNG_DEFAULT
- tristate
- select CRYPTO_DRBG_MENU
-
config CRYPTO_AKCIPHER2
tristate
select CRYPTO_ALGAPI2
config CRYPTO_DH_RFC7919_GROUPS
bool "RFC 7919 FFDHE groups"
depends on CRYPTO_DH
- select CRYPTO_RNG_DEFAULT
help
FFDHE (Finite-Field-based Diffie-Hellman Ephemeral) groups
defined in RFC7919.
config CRYPTO_ECC
tristate
- select CRYPTO_RNG_DEFAULT
config CRYPTO_ECDH
tristate "ECDH (Elliptic Curve Diffie-Hellman)"
tristate
select CRYPTO_AEAD
select CRYPTO_MANAGER
- select CRYPTO_RNG_DEFAULT
config CRYPTO_SEQIV
tristate "Sequence Number IV Generator"
projects / thirdparty / linux.git / commitdiff
