crypto_stdrng_get_bytes() is now always available:
- When CRYPTO_FIPS=n it is an inline function that always calls into
the always-built-in drivers/char/random.c.
- When CRYPTO_FIPS=y it is an inline function that calls into either
random.c or crypto/rng.c, depending on the value of fips_enabled.
The former is again always built-in. The latter is built-in as
well in this case, due to CRYPTO_FIPS=y.
Thus, the CRYPTO_RNG_DEFAULT symbol is no longer needed. Remove it.
This makes it so that CRYPTO_DRBG_MENU (and hence also CRYPTO_DRBG,
CRYPTO_JITTERENTROPY, and CRYPTO_LIB_SHA3) no longer gets unnecessarily
pulled into CRYPTO_FIPS=n kernels. I.e. CRYPTO_FIPS=n kernels are no
longer bloated with code that is relevant only to FIPS certifications.
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
---
crypto/Kconfig | 7 -------
1 file changed, 7 deletions(-)
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 80492538e1f7..13686f033413 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -107,14 +107,10 @@ config CRYPTO_RNG
config CRYPTO_RNG2
tristate
select CRYPTO_ALGAPI2
-config CRYPTO_RNG_DEFAULT
- tristate
- select CRYPTO_DRBG_MENU
-
config CRYPTO_AKCIPHER2
tristate
select CRYPTO_ALGAPI2
config CRYPTO_AKCIPHER
@@ -294,11 +290,10 @@ config CRYPTO_DH
DH (Diffie-Hellman) key exchange algorithm
config CRYPTO_DH_RFC7919_GROUPS
bool "RFC 7919 FFDHE groups"
depends on CRYPTO_DH
- select CRYPTO_RNG_DEFAULT
help
FFDHE (Finite-Field-based Diffie-Hellman Ephemeral) groups
defined in RFC7919.
Support these finite-field groups in DH key exchanges:
@@ -306,11 +301,10 @@ config CRYPTO_DH_RFC7919_GROUPS
If unsure, say N.
config CRYPTO_ECC
tristate
- select CRYPTO_RNG_DEFAULT
config CRYPTO_ECDH
tristate "ECDH (Elliptic Curve Diffie-Hellman)"
select CRYPTO_ECC
select CRYPTO_KPP
@@ -802,11 +796,10 @@ config CRYPTO_GCM
config CRYPTO_GENIV
tristate
select CRYPTO_AEAD
select CRYPTO_MANAGER
- select CRYPTO_RNG_DEFAULT
config CRYPTO_SEQIV
tristate "Sequence Number IV Generator"
select CRYPTO_GENIV
help
--
2.53.0