[PATCH] [v2] crypto: lib/Kconfig: hide library options
Geert Uytterhoeven
geert at linux-m68k.org
Sun Mar 30 08:54:12 UTC 2025
Hi Arnd,
On Sun, 30 Mar 2025 at 10:45, Arnd Bergmann <arnd at arndb.de> wrote:
> On Sun, Mar 30, 2025, at 10:34, Geert Uytterhoeven wrote:
> > On Fri, 14 Mar 2025 at 17:05, Arnd Bergmann <arnd at kernel.org> wrote:
> >> --- a/security/keys/Kconfig
> >> +++ b/security/keys/Kconfig
> >> @@ -60,7 +60,7 @@ config BIG_KEYS
> >> bool "Large payload keys"
> >> depends on KEYS
> >> depends on TMPFS
> >> - depends on CRYPTO_LIB_CHACHA20POLY1305 = y
> >> + select CRYPTO_LIB_CHACHA20POLY1305
> >> help
> >> This option provides support for holding large keys within the kernel
> >> (for example Kerberos ticket caches). The data may be stored out to
> >
> > Due to dropping the dependency, this appeared on my radar.
> > Should this be selected by one or some of the Kerberos Kconfig symbols?
>
> I don't see why: before commit 521fd61c84a1 ("security/keys: rewrite
> big_key crypto to use library interface") it was user selectable
> without the crypto dependency, and now it got back to that. I think
> from the point of view of Kconfig that is how we want it.
Sure, I mean from a functional point of view. Let me rephrase:
When do you want to store Kerberos ticket caches within the kernel?
Is that pure user-space, or is that done by the kernel?
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert at linux-m68k.org
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
More information about the Linux-security-module-archive
mailing list