Re: [PATCH] lib/crypto: add prompts back to crypto libraries

From: Jason A. Donenfeld
Date: Tue Jan 11 2022 - 17:12:52 EST


Hi Justin,

These are library variables, which means they really have no sense in
being user selectable. Internal things to the kernel depend on them,
or they don't. They're always only dependencies.

It sounds like CONFIG_BIG_KEYS might be declaring its dependencies
wrong, and that's actually where the bug is? CC'ing David Howells just
in case. Maybe things should be changed to:

diff --git a/security/keys/Kconfig b/security/keys/Kconfig
index 64b81abd087e..2f1624c9eed9 100644
--- a/security/keys/Kconfig
+++ b/security/keys/Kconfig
@@ -60,7 +60,7 @@ config BIG_KEYS
bool "Large payload keys"
depends on KEYS
depends on TMPFS
- depends on CRYPTO_LIB_CHACHA20POLY1305 = y
+ select CRYPTO_LIB_CHACHA20POLY1305
help
This option provides support for holding large keys within the kernel
(for example Kerberos ticket caches). The data may be stored out to


Jason