From: Fedora Kernel Team <kernel-team(a)fedoraproject.org&gt; Hi, As part of the ongoing rebase effort, the following configuration options need to be reviewed. As a reminder, the ARK configuration flow involves moving unreviewed configuration options from the pending directory to the ark directory. In the diff below, options are removed from the pending directory and added to the ark hierarchy. The final options that need to be ACKed are the files that are being added to the ark hierarchy. If the value for a file that is added should be changed, please reply with a better option. CONFIG_CRYPTO_SM2: Generic implementation of the SM2 public key algorithm. It was published by State Encryption Management Bureau, China. as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012. References: https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml http://www.gmbz.org.cn/main/bzlb.html Symbol: CRYPTO_SM2 [=n] Type : tristate Defined at crypto/Kconfig:263 Prompt: SM2 algorithm Depends on: CRYPTO [=y] Location: -> Cryptographic API (CRYPTO [=y]) Selects: CRYPTO_SM3 [=n] && CRYPTO_AKCIPHER [=y] && CRYPTO_MANAGER [=y] && MPILIB [=y] && ASN1 [=y] --- CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE: Allow obsolete cryptographic algorithms to be selected that have already been phased out from internal use by the kernel, and are only useful for userspace clients that still rely on them. Symbol: CRYPTO_USER_API_ENABLE_OBSOLETE [=y] Type : bool Defined at crypto/Kconfig:1915 Prompt: Enable obsolete cryptographic algorithms for userspace Depends on: CRYPTO [=y] && CRYPTO_USER_API [=y] Location: -> Cryptographic API (CRYPTO [=y]) --- CONFIG_CRYPTO_USER_API_RNG_CAVP: This option enables extra API for CAVP testing via the user-space interface: resetting of DRBG entropy, and providing Additional Data. This should only be enabled for CAVP testing. You should say no unless you know what this is. Symbol: CRYPTO_USER_API_RNG_CAVP [=n] Type : bool Defined at crypto/Kconfig:1895 Prompt: Enable CAVP testing of DRBG Depends on: CRYPTO [=y] && CRYPTO_USER_API_RNG [=y] && CRYPTO_DRBG [=y] Location: -> Cryptographic API (CRYPTO [=y]) -> User-space interface for random number generator algorithms (CRYPTO_USER_API_RNG [=y]) --- Cc: Herbert Xu <herbert.xu(a)redhat.com&gt; Cc: "David S. Miller" <davem(a)redhat.com&gt; Cc: Ondrej Mosnacek <omosnace(a)redhat.com&gt; Signed-off-by: Fedora Kernel Team <kernel-team(a)fedoraproject.org&gt; --- .../configs/common/generic/CONFIG_CRYPTO_SM2 | 1 + .../CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE | 1 + .../generic/CONFIG_CRYPTO_USER_API_RNG_CAVP | 1 + .../pending-common/generic/CONFIG_CRYPTO_SM2 | 23 ------------------- .../CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE | 17 -------------- .../generic/CONFIG_CRYPTO_USER_API_RNG_CAVP | 19 --------------- 6 files changed, 3 insertions(+), 59 deletions(-) create mode 100644 redhat/configs/common/generic/CONFIG_CRYPTO_SM2 create mode 100644 redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE create mode 100644 redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP delete mode 100644 redhat/configs/pending-common/generic/CONFIG_CRYPTO_SM2 delete mode 100644 redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE delete mode 100644 redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP diff --git a/redhat/configs/common/generic/CONFIG_CRYPTO_SM2 b/redhat/configs/common/generic/CONFIG_CRYPTO_SM2 new file mode 100644 index 000000000000..0d8c1b551abf --- /dev/null +++ b/redhat/configs/common/generic/CONFIG_CRYPTO_SM2 @@ -0,0 +1 @@ +# CONFIG_CRYPTO_SM2 is not set diff --git a/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE b/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE new file mode 100644 index 000000000000..21d316c28741 --- /dev/null +++ b/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE @@ -0,0 +1 @@ +CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE=y diff --git a/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP b/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP new file mode 100644 index 000000000000..7826178972a9 --- /dev/null +++ b/redhat/configs/common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP @@ -0,0 +1 @@ +# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set diff --git a/redhat/configs/pending-common/generic/CONFIG_CRYPTO_SM2 b/redhat/configs/pending-common/generic/CONFIG_CRYPTO_SM2 deleted file mode 100644 index b577bb249279..000000000000 --- a/redhat/configs/pending-common/generic/CONFIG_CRYPTO_SM2 +++ /dev/null @@ -1,23 +0,0 @@ -# CONFIG_CRYPTO_SM2: -# -# Generic implementation of the SM2 public key algorithm. It was -# published by State Encryption Management Bureau, China. -# as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012. -# -# References: -# https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 -# http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml -# http://www.gmbz.org.cn/main/bzlb.html -# -# Symbol: CRYPTO_SM2 [=n] -# Type : tristate -# Defined at crypto/Kconfig:263 -# Prompt: SM2 algorithm -# Depends on: CRYPTO [=y] -# Location: -# -> Cryptographic API (CRYPTO [=y]) -# Selects: CRYPTO_SM3 [=n] && CRYPTO_AKCIPHER [=y] && CRYPTO_MANAGER [=y] && MPILIB [=y] && ASN1 [=y] -# -# -# -# CONFIG_CRYPTO_SM2 is not set diff --git a/redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE b/redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE deleted file mode 100644 index b8bda73dbf55..000000000000 --- a/redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE +++ /dev/null @@ -1,17 +0,0 @@ -# CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE: -# -# Allow obsolete cryptographic algorithms to be selected that have -# already been phased out from internal use by the kernel, and are -# only useful for userspace clients that still rely on them. -# -# Symbol: CRYPTO_USER_API_ENABLE_OBSOLETE [=y] -# Type : bool -# Defined at crypto/Kconfig:1915 -# Prompt: Enable obsolete cryptographic algorithms for userspace -# Depends on: CRYPTO [=y] && CRYPTO_USER_API [=y] -# Location: -# -> Cryptographic API (CRYPTO [=y]) -# -# -# -CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE=y diff --git a/redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP b/redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP deleted file mode 100644 index 7e0c667a45ce..000000000000 --- a/redhat/configs/pending-common/generic/CONFIG_CRYPTO_USER_API_RNG_CAVP +++ /dev/null @@ -1,19 +0,0 @@ -# CONFIG_CRYPTO_USER_API_RNG_CAVP: -# -# This option enables extra API for CAVP testing via the user-space -# interface: resetting of DRBG entropy, and providing Additional Data. -# This should only be enabled for CAVP testing. You should say -# no unless you know what this is. -# -# Symbol: CRYPTO_USER_API_RNG_CAVP [=n] -# Type : bool -# Defined at crypto/Kconfig:1895 -# Prompt: Enable CAVP testing of DRBG -# Depends on: CRYPTO [=y] && CRYPTO_USER_API_RNG [=y] && CRYPTO_DRBG [=y] -# Location: -# -> Cryptographic API (CRYPTO [=y]) -# -> User-space interface for random number generator algorithms (CRYPTO_USER_API_RNG [=y]) -# -# -# -# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set -- GitLab