Skip to content

Commit e7ed647

Browse files
herbertxherbertx
committed
crypto: jitterentropy - Hide esoteric Kconfig options under FIPS and EXPERT
As JITTERENTROPY is selected by default if you enable the CRYPTO API, any Kconfig options added there will show up for every single user. Hide the esoteric options under EXPERT as well as FIPS so that only distro makers will see them. Reported-by: Linus Torvalds <[email protected]> Signed-off-by: Herbert Xu <[email protected]> Reviewed-by: Stephan Mueller <[email protected]> Signed-off-by: Herbert Xu <[email protected]>
1 parent a312e07 commit e7ed647

File tree

1 file changed

+25
-3
lines changed

1 file changed

+25
-3
lines changed

crypto/Kconfig

Lines changed: 25 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1297,10 +1297,12 @@ config CRYPTO_JITTERENTROPY
12971297

12981298
See https://www.chronox.de/jent.html
12991299

1300+
if CRYPTO_JITTERENTROPY
1301+
if CRYPTO_FIPS && EXPERT
1302+
13001303
choice
13011304
prompt "CPU Jitter RNG Memory Size"
13021305
default CRYPTO_JITTERENTROPY_MEMSIZE_2
1303-
depends on CRYPTO_JITTERENTROPY
13041306
help
13051307
The Jitter RNG measures the execution time of memory accesses.
13061308
Multiple consecutive memory accesses are performed. If the memory
@@ -1344,7 +1346,6 @@ config CRYPTO_JITTERENTROPY_OSR
13441346
int "CPU Jitter RNG Oversampling Rate"
13451347
range 1 15
13461348
default 1
1347-
depends on CRYPTO_JITTERENTROPY
13481349
help
13491350
The Jitter RNG allows the specification of an oversampling rate (OSR).
13501351
The Jitter RNG operation requires a fixed amount of timing
@@ -1359,7 +1360,6 @@ config CRYPTO_JITTERENTROPY_OSR
13591360

13601361
config CRYPTO_JITTERENTROPY_TESTINTERFACE
13611362
bool "CPU Jitter RNG Test Interface"
1362-
depends on CRYPTO_JITTERENTROPY
13631363
help
13641364
The test interface allows a privileged process to capture
13651365
the raw unconditioned high resolution time stamp noise that
@@ -1377,6 +1377,28 @@ config CRYPTO_JITTERENTROPY_TESTINTERFACE
13771377

13781378
If unsure, select N.
13791379

1380+
endif # if CRYPTO_FIPS && EXPERT
1381+
1382+
if !(CRYPTO_FIPS && EXPERT)
1383+
1384+
config CRYPTO_JITTERENTROPY_MEMORY_BLOCKS
1385+
int
1386+
default 64
1387+
1388+
config CRYPTO_JITTERENTROPY_MEMORY_BLOCKSIZE
1389+
int
1390+
default 32
1391+
1392+
config CRYPTO_JITTERENTROPY_OSR
1393+
int
1394+
default 1
1395+
1396+
config CRYPTO_JITTERENTROPY_TESTINTERFACE
1397+
bool
1398+
1399+
endif # if !(CRYPTO_FIPS && EXPERT)
1400+
endif # if CRYPTO_JITTERENTROPY
1401+
13801402
config CRYPTO_KDF800108_CTR
13811403
tristate
13821404
select CRYPTO_HMAC

0 commit comments

Comments
 (0)