On Tue, Sep 06, 2016 at 02:11:56PM +0100, David Howells wrote: > Artem Savkov <[email protected]> wrote: > > > > > - select CRYPTO > > > > + depends on (CRYPTO_ANSI_CPRNG = y || CRYPTO_DRBG = y) > > > > > > Should those be "==" not "="? > > > > Accodring to Documentation/kbuild/kconfig-language.txt (line 173) it is > > "=" and I can only see "=" being used in existing Kconfigs. > > Okay. The other thing is that I have been given a conflicting patch (see > below). Is your fix preferable? > > David > --- > commit 69ed34b303f87a1a53470dd37149ac1573d79da2 > Author: Kirill Marinushkin <[email protected]> > Date: Mon, 8 Aug 2016 23:19:32 +0200 > > KEYS: fix big_key dependency > > Signed-off-by: Kirill Marinushkin <[email protected]> > cc: David Howells <[email protected]> > cc: Peter Hlavaty <[email protected]> > cc: Greg KH <[email protected]> > cc: [email protected] > --- > security/keys/Kconfig | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/security/keys/Kconfig b/security/keys/Kconfig > index f826e87..8213221 100644 > --- a/security/keys/Kconfig > +++ b/security/keys/Kconfig > @@ -44,7 +44,7 @@ config BIG_KEYS > select CRYPTO > select CRYPTO_AES > select CRYPTO_ECB > - select CRYPTO_RNG > + select CRYPTO_ANSI_CPRNG > help > This option provides support for holding large keys within the kernel > (for example Kerberos ticket caches). The data may be stored out to
I would argue that locking a user into a specific stdrng implementation is not something that should be done when there are options available. -- Regards, Artem
