[OS-BUILD PATCHv3] [redhat] New configs in crypto/Kconfig

Friday, 22 January 2021

From: Fedora Kernel Team <kernel-team(a)fedoraproject.org&gt;

[redhat] New configs in crypto/Kconfig

Hi,

As part of the ongoing rebase effort, the following configuration
options need to be reviewed.

As a reminder, the ARK configuration flow involves moving unreviewed
configuration options from the pending directory to the ark directory.
In the diff below, options are removed from the pending directory and
added to the ark hierarchy. The final options that need to be ACKed
are the files that are being added to the ark hierarchy.

If the value for a file that is added should be changed, please reply
with a better option.

 CONFIG_CRYPTO_SM2:

 Generic implementation of the SM2 public key algorithm. It was
 published by State Encryption Management Bureau, China.
 as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012.

 References:
 https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
 http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml
 http://www.gmbz.org.cn/main/bzlb.html

 Symbol: CRYPTO_SM2 [=n]
 Type  : tristate
 Defined at crypto/Kconfig:263
   Prompt: SM2 algorithm
   Depends on: CRYPTO [=y]
   Location:
     -> Cryptographic API (CRYPTO [=y])
 Selects: CRYPTO_SM3 [=n] && CRYPTO_AKCIPHER [=y] && CRYPTO_MANAGER [=y]
&& MPILIB [=y] && ASN1 [=y]

---

 CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE:

 Allow obsolete cryptographic algorithms to be selected that have
 already been phased out from internal use by the kernel, and are
 only useful for userspace clients that still rely on them.

 Symbol: CRYPTO_USER_API_ENABLE_OBSOLETE [=y]
 Type  : bool
 Defined at crypto/Kconfig:1915
   Prompt: Enable obsolete cryptographic algorithms for userspace
   Depends on: CRYPTO [=y] && CRYPTO_USER_API [=y]
   Location:
     -> Cryptographic API (CRYPTO [=y])

---

 CONFIG_CRYPTO_USER_API_RNG_CAVP:

 This option enables extra API for CAVP testing via the user-space
 interface: resetting of DRBG entropy, and providing Additional Data.
 This should only be enabled for CAVP testing. You should say
 no unless you know what this is.

 Symbol: CRYPTO_USER_API_RNG_CAVP [=n]
 Type  : bool
 Defined at crypto/Kconfig:1895
   Prompt: Enable CAVP testing of DRBG
   Depends on: CRYPTO [=y] && CRYPTO_USER_API_RNG [=y] && CRYPTO_DRBG
[=y]
   Location:
     -> Cryptographic API (CRYPTO [=y])
       -> User-space interface for random number generator algorithms
(CRYPTO_USER_API_RNG [=y])

---

Cc: Herbert Xu <herbert.xu(a)redhat.com&gt;
Cc: "David S. Miller" <davem(a)redhat.com&gt;
Cc: Ondrej Mosnacek <omosnace(a)redhat.com&gt;
Signed-off-by: Fedora Kernel Team <kernel-team(a)fedoraproject.org&gt;

diff a/redhat/configs/ark/generic/CONFIG_CRYPTO_SM3
b/redhat/configs/ark/generic/CONFIG_CRYPTO_SM3

--- a/redhat/configs/ark/generic/CONFIG_CRYPTO_SM3
+++ /dev/null
@@ -1 +0,0 @@
-# CONFIG_CRYPTO_SM3 is not set
diff a/redhat/configs/ark/generic/CONFIG_CRYPTO_SM4_ARM64_CE
b/redhat/configs/ark/generic/CONFIG_CRYPTO_SM4_ARM64_CE
--- a/redhat/configs/ark/generic/CONFIG_CRYPTO_SM4_ARM64_CE
+++ /dev/null
@@ -1 +0,0 @@
-CONFIG_CRYPTO_SM4_ARM64_CE=m
diff a/redhat/configs/ark/generic/arm/aarch64/CONFIG_CRYPTO_SM3_ARM64_CE
b/redhat/configs/ark/generic/arm/aarch64/CONFIG_CRYPTO_SM3_ARM64_CE
--- a/redhat/configs/ark/generic/arm/aarch64/CONFIG_CRYPTO_SM3_ARM64_CE
+++ /dev/null
@@ -1 +0,0 @@
-# CONFIG_CRYPTO_SM3_ARM64_CE is not set
diff a/redhat/configs/ark/generic/arm/aarch64/CONFIG_CRYPTO_SM4
b/redhat/configs/ark/generic/arm/aarch64/CONFIG_CRYPTO_SM4
--- a/redhat/configs/ark/generic/arm/aarch64/CONFIG_CRYPTO_SM4
+++ /dev/null
@@ -1 +0,0 @@
-CONFIG_CRYPTO_SM4=m
diff a/redhat/configs/ark/generic/s390x/zfcpdump/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
b/redhat/configs/ark/generic/s390x/zfcpdump/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
--- /dev/null
+++ b/redhat/configs/ark/generic/s390x/zfcpdump/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
@@ -0,0 +1 @@
+CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE=y
diff a/redhat/configs/common/generic/CONFIG_CRYPTO_ANUBIS
b/redhat/configs/common/generic/CONFIG_CRYPTO_ANUBIS
--- a/redhat/configs/common/generic/CONFIG_CRYPTO_ANUBIS
+++ b/redhat/configs/common/generic/CONFIG_CRYPTO_ANUBIS
@@ -1 +1 @@
-CONFIG_CRYPTO_ANUBIS=m
+# CONFIG_CRYPTO_ANUBIS is not set
diff a/redhat/configs/common/generic/CONFIG_CRYPTO_ARC4
b/redhat/configs/common/generic/CONFIG_CRYPTO_ARC4
--- a/redhat/configs/common/generic/CONFIG_CRYPTO_ARC4
+++ b/redhat/configs/common/generic/CONFIG_CRYPTO_ARC4
@@ -1 +1 @@
-CONFIG_CRYPTO_ARC4=m
+# CONFIG_CRYPTO_ARC4 is not set
diff a/redhat/configs/common/generic/CONFIG_CRYPTO_KHAZAD
b/redhat/configs/common/generic/CONFIG_CRYPTO_KHAZAD
--- a/redhat/configs/common/generic/CONFIG_CRYPTO_KHAZAD
+++ b/redhat/configs/common/generic/CONFIG_CRYPTO_KHAZAD
@@ -1 +1 @@
-CONFIG_CRYPTO_KHAZAD=m
+# CONFIG_CRYPTO_KHAZAD is not set
diff a/redhat/configs/common/generic/CONFIG_CRYPTO_SEED
b/redhat/configs/common/generic/CONFIG_CRYPTO_SEED
--- a/redhat/configs/common/generic/CONFIG_CRYPTO_SEED
+++ b/redhat/configs/common/generic/CONFIG_CRYPTO_SEED
@@ -1 +1 @@
-CONFIG_CRYPTO_SEED=m
+# CONFIG_CRYPTO_SEED is not set
diff a/redhat/configs/common/generic/CONFIG_CRYPTO_SM2
b/redhat/configs/common/generic/CONFIG_CRYPTO_SM2
--- /dev/null
+++ b/redhat/configs/common/generic/CONFIG_CRYPTO_SM2
@@ -0,0 +1 @@
+CONFIG_CRYPTO_SM2=m
diff a/redhat/configs/fedora/generic/CONFIG_CRYPTO_SM3
b/redhat/configs/common/generic/CONFIG_CRYPTO_SM3
--- a/redhat/configs/fedora/generic/CONFIG_CRYPTO_SM3
+++ b/redhat/configs/common/generic/CONFIG_CRYPTO_SM3
diff a/redhat/configs/ark/generic/CONFIG_CRYPTO_SM4
b/redhat/configs/common/generic/CONFIG_CRYPTO_SM4
--- a/redhat/configs/ark/generic/CONFIG_CRYPTO_SM4
+++ b/redhat/configs/common/generic/CONFIG_CRYPTO_SM4
diff a/redhat/configs/common/generic/CONFIG_CRYPTO_TEA
b/redhat/configs/common/generic/CONFIG_CRYPTO_TEA
--- a/redhat/configs/common/generic/CONFIG_CRYPTO_TEA
+++ b/redhat/configs/common/generic/CONFIG_CRYPTO_TEA
@@ -1 +1 @@
-CONFIG_CRYPTO_TEA=m
+# CONFIG_CRYPTO_TEA is not set
diff a/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
b/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
--- /dev/null
+++ b/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
@@ -0,0 +1 @@
+# CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE is not set
diff a/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP
b/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP
--- /dev/null
+++ b/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP
@@ -0,0 +1 @@
+# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set
diff a/redhat/configs/ark/generic/CONFIG_CRYPTO_SM3_ARM64_CE
b/redhat/configs/common/generic/arm/aarch64/CONFIG_CRYPTO_SM3_ARM64_CE
--- a/redhat/configs/ark/generic/CONFIG_CRYPTO_SM3_ARM64_CE
+++ b/redhat/configs/common/generic/arm/aarch64/CONFIG_CRYPTO_SM3_ARM64_CE
diff a/redhat/configs/common/generic/arm/aarch64/CONFIG_CRYPTO_SM4_ARM64_CE
b/redhat/configs/common/generic/arm/aarch64/CONFIG_CRYPTO_SM4_ARM64_CE
--- /dev/null
+++ b/redhat/configs/common/generic/arm/aarch64/CONFIG_CRYPTO_SM4_ARM64_CE
@@ -0,0 +1 @@
+# CONFIG_CRYPTO_SM4_ARM64_CE is not set
diff a/redhat/configs/fedora/generic/CONFIG_CRYPTO_SM2
b/redhat/configs/fedora/generic/CONFIG_CRYPTO_SM2
--- a/redhat/configs/fedora/generic/CONFIG_CRYPTO_SM2
+++ /dev/null
@@ -1,23 +0,0 @@
-# CONFIG_CRYPTO_SM2:
-# 
-# Generic implementation of the SM2 public key algorithm. It was
-# published by State Encryption Management Bureau, China.
-# as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012.
-# 
-# References:
-# https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
-# http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml
-# http://www.gmbz.org.cn/main/bzlb.html
-# 
-# Symbol: CRYPTO_SM2 [=n]
-# Type  : tristate
-# Defined at crypto/Kconfig:263
-#   Prompt: SM2 algorithm
-#   Depends on: CRYPTO [=y]
-#   Location:
-#     -> Cryptographic API (CRYPTO [=y])
-# Selects: CRYPTO_SM3 [=m] && CRYPTO_AKCIPHER [=y] && CRYPTO_MANAGER [=y]
&& MPILIB [=y] && ASN1 [=y]
-# 
-# 
-# 
-CONFIG_CRYPTO_SM2=m
diff a/redhat/configs/fedora/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
b/redhat/configs/fedora/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
--- a/redhat/configs/fedora/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
+++ /dev/null
@@ -1,17 +0,0 @@
-# CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE:
-# 
-# Allow obsolete cryptographic algorithms to be selected that have
-# already been phased out from internal use by the kernel, and are
-# only useful for userspace clients that still rely on them.
-# 
-# Symbol: CRYPTO_USER_API_ENABLE_OBSOLETE [=y]
-# Type  : bool
-# Defined at crypto/Kconfig:1915
-#   Prompt: Enable obsolete cryptographic algorithms for userspace
-#   Depends on: CRYPTO [=y] && CRYPTO_USER_API [=y]
-#   Location:
-#     -> Cryptographic API (CRYPTO [=y])
-# 
-# 
-# 
-# CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE is not set
diff a/redhat/configs/fedora/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP
b/redhat/configs/fedora/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP
--- a/redhat/configs/fedora/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP
+++ /dev/null
@@ -1,19 +0,0 @@
-# CONFIG_CRYPTO_USER_API_RNG_CAVP:
-# 
-# This option enables extra API for CAVP testing via the user-space
-# interface: resetting of DRBG entropy, and providing Additional Data.
-# This should only be enabled for CAVP testing. You should say
-# no unless you know what this is.
-# 
-# Symbol: CRYPTO_USER_API_RNG_CAVP [=n]
-# Type  : bool
-# Defined at crypto/Kconfig:1895
-#   Prompt: Enable CAVP testing of DRBG
-#   Depends on: CRYPTO [=y] && CRYPTO_USER_API_RNG [=y] && CRYPTO_DRBG
[=y]
-#   Location:
-#     -> Cryptographic API (CRYPTO [=y])
-#       -> User-space interface for random number generator algorithms
(CRYPTO_USER_API_RNG [=y])
-# 
-# 
-# 
-# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set

--
https://gitlab.com/cki-project/kernel-ark/-/merge_requests/698

    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

[OS-BUILD PATCHv3] [redhat] New configs in crypto/Kconfig