crypto: echainiv - change to 'default n'

Message ID	20190520165207.168925-1-ebiggers@kernel.org (mailing list archive)
State	Accepted
Delegated to:	Herbert Xu
Headers	show Return-Path: <linux-crypto-owner@kernel.org> From: Eric Biggers <ebiggers@kernel.org> To: linux-crypto@vger.kernel.org, Herbert Xu <herbert@gondor.apana.org.au> Cc: Steffen Klassert <steffen.klassert@secunet.com>, "David S . Miller" <davem@davemloft.net> Subject: [PATCH] crypto: echainiv - change to 'default n' Date: Mon, 20 May 2019 09:52:07 -0700 Message-Id: <20190520165207.168925-1-ebiggers@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk
Series	crypto: echainiv - change to 'default n' \| expand crypto: echainiv - change to 'default n'

Message ID

20190520165207.168925-1-ebiggers@kernel.org (mailing list archive)

State

Accepted

Delegated to:

Herbert Xu

Headers

From: Eric Biggers <ebiggers@kernel.org>
To: linux-crypto@vger.kernel.org,
        Herbert Xu <herbert@gondor.apana.org.au>
Cc: Steffen Klassert <steffen.klassert@secunet.com>,
        "David S . Miller" <davem@davemloft.net>
Subject: [PATCH] crypto: echainiv - change to 'default n'
Date: Mon, 20 May 2019 09:52:07 -0700
Message-Id: <20190520165207.168925-1-ebiggers@kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk

Series

crypto: echainiv - change to 'default n' | expand

Commit Message

Eric Biggers May 20, 2019, 4:52 p.m. UTC

From: Eric Biggers <ebiggers@google.com>

echainiv is the only algorithm or template in the crypto API that is
enabled by default.  But there doesn't seem to be a good reason for it.
And it pulls in a lot of stuff as dependencies, like AEAD support and a
"NIST SP800-90A DRBG" including HMAC-SHA256.

The commit which made it default 'm', commit 3491244c6298 ("crypto:
echainiv - Set Kconfig default to m"), mentioned that it's needed for
IPsec.  However, later commit 32b6170ca59c ("ipv4+ipv6: Make INET*_ESP
select CRYPTO_ECHAINIV") made the IPsec kconfig options select it.

So, remove the 'default m'.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 crypto/Kconfig | 1 -
 1 file changed, 1 deletion(-)

Comments

Herbert Xu May 30, 2019, 1:41 p.m. UTC | #1

On Mon, May 20, 2019 at 09:52:07AM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
> 
> echainiv is the only algorithm or template in the crypto API that is
> enabled by default.  But there doesn't seem to be a good reason for it.
> And it pulls in a lot of stuff as dependencies, like AEAD support and a
> "NIST SP800-90A DRBG" including HMAC-SHA256.
> 
> The commit which made it default 'm', commit 3491244c6298 ("crypto:
> echainiv - Set Kconfig default to m"), mentioned that it's needed for
> IPsec.  However, later commit 32b6170ca59c ("ipv4+ipv6: Make INET*_ESP
> select CRYPTO_ECHAINIV") made the IPsec kconfig options select it.
> 
> So, remove the 'default m'.
> 
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
>  crypto/Kconfig | 1 -
>  1 file changed, 1 deletion(-)

Patch applied.  Thanks.

diff --git a/crypto/Kconfig b/crypto/Kconfig
index af8c6b4e6a83a..1062e1031f73a 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -428,7 +428,6 @@  config CRYPTO_ECHAINIV
 	select CRYPTO_NULL
 	select CRYPTO_RNG_DEFAULT
 	select CRYPTO_MANAGER
-	default m
 	help
 	  This IV generator generates an IV based on the encryption of
 	  a sequence number xored with a salt.  This is the default