From: Fedora Kernel Team <kernel-team(a)fedoraproject.org>
Hi,
As part of the ongoing rebase effort, the following configuration
options need to be reviewed.
As a reminder, the ARK configuration flow involves moving unreviewed
configuration options from the pending directory to the ark directory.
In the diff below, options are removed from the pending directory and
added to the ark hierarchy. The final options that need to be ACKed
are the files that are being added to the ark hierarchy.
If the value for a file that is added should be changed, please reply
with a better option.
CONFIG_CRYPTO_SM2:
Generic implementation of the SM2 public key algorithm. It was
published by State Encryption Management Bureau, China.
as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012.
References:
https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml
http://www.gmbz.org.cn/main/bzlb.html
Symbol: CRYPTO_SM2 [=n]
Type : tristate
Defined at crypto/Kconfig:263
Prompt: SM2 algorithm
Depends on: CRYPTO [=y]
Location:
-> Cryptographic API (CRYPTO [=y])
Selects: CRYPTO_SM3 [=n] && CRYPTO_AKCIPHER [=y] && CRYPTO_MANAGER [=y]
&& MPILIB [=y] && ASN1 [=y]
---
CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE:
Allow obsolete cryptographic algorithms to be selected that have
already been phased out from internal use by the kernel, and are
only useful for userspace clients that still rely on them.
Symbol: CRYPTO_USER_API_ENABLE_OBSOLETE [=y]
Type : bool
Defined at crypto/Kconfig:1915
Prompt: Enable obsolete cryptographic algorithms for userspace
Depends on: CRYPTO [=y] && CRYPTO_USER_API [=y]
Location:
-> Cryptographic API (CRYPTO [=y])
---
CONFIG_CRYPTO_USER_API_RNG_CAVP:
This option enables extra API for CAVP testing via the user-space
interface: resetting of DRBG entropy, and providing Additional Data.
This should only be enabled for CAVP testing. You should say
no unless you know what this is.
Symbol: CRYPTO_USER_API_RNG_CAVP [=n]
Type : bool
Defined at crypto/Kconfig:1895
Prompt: Enable CAVP testing of DRBG
Depends on: CRYPTO [=y] && CRYPTO_USER_API_RNG [=y] && CRYPTO_DRBG
[=y]
Location:
-> Cryptographic API (CRYPTO [=y])
-> User-space interface for random number generator algorithms
(CRYPTO_USER_API_RNG [=y])
---
Cc: Herbert Xu <herbert.xu(a)redhat.com>
Cc: "David S. Miller" <davem(a)redhat.com>
Cc: Ondrej Mosnacek <omosnace(a)redhat.com>
Signed-off-by: Fedora Kernel Team <kernel-team(a)fedoraproject.org>
---
.../configs/common/generic/CONFIG_CRYPTO_SM2 | 1 +
.../CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE | 1 +
.../generic/CONFIG_CRYPTO_USER_API_RNG_CAVP | 1 +
.../pending-common/generic/CONFIG_CRYPTO_SM2 | 23 -------------------
.../CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE | 17 --------------
.../generic/CONFIG_CRYPTO_USER_API_RNG_CAVP | 19 ---------------
6 files changed, 3 insertions(+), 59 deletions(-)
create mode 100644 redhat/configs/common/generic/CONFIG_CRYPTO_SM2
create mode 100644 redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
create mode 100644 redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP
delete mode 100644 redhat/configs/pending-common/generic/CONFIG_CRYPTO_SM2
delete mode 100644
redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
delete mode 100644 redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP
diff --git a/redhat/configs/common/generic/CONFIG_CRYPTO_SM2
b/redhat/configs/common/generic/CONFIG_CRYPTO_SM2
new file mode 100644
index 000000000000..0d8c1b551abf
--- /dev/null
+++ b/redhat/configs/common/generic/CONFIG_CRYPTO_SM2
@@ -0,0 +1 @@
+# CONFIG_CRYPTO_SM2 is not set
diff --git a/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
b/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
new file mode 100644
index 000000000000..21d316c28741
--- /dev/null
+++ b/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
@@ -0,0 +1 @@
+CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE=y
diff --git a/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP
b/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP
new file mode 100644
index 000000000000..7826178972a9
--- /dev/null
+++ b/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP
@@ -0,0 +1 @@
+# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set
diff --git a/redhat/configs/pending-common/generic/CONFIG_CRYPTO_SM2
b/redhat/configs/pending-common/generic/CONFIG_CRYPTO_SM2
deleted file mode 100644
index b577bb249279..000000000000
--- a/redhat/configs/pending-common/generic/CONFIG_CRYPTO_SM2
+++ /dev/null
@@ -1,23 +0,0 @@
-# CONFIG_CRYPTO_SM2:
-#
-# Generic implementation of the SM2 public key algorithm. It was
-# published by State Encryption Management Bureau, China.
-# as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012.
-#
-# References:
-#
https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
-#
http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml
-#
http://www.gmbz.org.cn/main/bzlb.html
-#
-# Symbol: CRYPTO_SM2 [=n]
-# Type : tristate
-# Defined at crypto/Kconfig:263
-# Prompt: SM2 algorithm
-# Depends on: CRYPTO [=y]
-# Location:
-# -> Cryptographic API (CRYPTO [=y])
-# Selects: CRYPTO_SM3 [=n] && CRYPTO_AKCIPHER [=y] && CRYPTO_MANAGER [=y]
&& MPILIB [=y] && ASN1 [=y]
-#
-#
-#
-# CONFIG_CRYPTO_SM2 is not set
diff --git a/redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
b/redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
deleted file mode 100644
index b8bda73dbf55..000000000000
--- a/redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE
+++ /dev/null
@@ -1,17 +0,0 @@
-# CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE:
-#
-# Allow obsolete cryptographic algorithms to be selected that have
-# already been phased out from internal use by the kernel, and are
-# only useful for userspace clients that still rely on them.
-#
-# Symbol: CRYPTO_USER_API_ENABLE_OBSOLETE [=y]
-# Type : bool
-# Defined at crypto/Kconfig:1915
-# Prompt: Enable obsolete cryptographic algorithms for userspace
-# Depends on: CRYPTO [=y] && CRYPTO_USER_API [=y]
-# Location:
-# -> Cryptographic API (CRYPTO [=y])
-#
-#
-#
-CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE=y
diff --git a/redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP
b/redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP
deleted file mode 100644
index 7e0c667a45ce..000000000000
--- a/redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP
+++ /dev/null
@@ -1,19 +0,0 @@
-# CONFIG_CRYPTO_USER_API_RNG_CAVP:
-#
-# This option enables extra API for CAVP testing via the user-space
-# interface: resetting of DRBG entropy, and providing Additional Data.
-# This should only be enabled for CAVP testing. You should say
-# no unless you know what this is.
-#
-# Symbol: CRYPTO_USER_API_RNG_CAVP [=n]
-# Type : bool
-# Defined at crypto/Kconfig:1895
-# Prompt: Enable CAVP testing of DRBG
-# Depends on: CRYPTO [=y] && CRYPTO_USER_API_RNG [=y] && CRYPTO_DRBG
[=y]
-# Location:
-# -> Cryptographic API (CRYPTO [=y])
-# -> User-space interface for random number generator algorithms
(CRYPTO_USER_API_RNG [=y])
-#
-#
-#
-# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set
--
GitLab