[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150503175320.GI10014@thunk.org>
Date: Sun, 3 May 2015 13:53:20 -0400
From: Theodore Ts'o <tytso@....edu>
To: Anssi Hannula <anssi.hannula@....fi>
Cc: Herbert Xu <herbert@...dor.apana.org.au>,
Andreas Dilger <adilger.kernel@...ger.ca>,
linux-ext4@...r.kernel.org, Michael Halcrow <mhalcrow@...gle.com>
Subject: Re: ext4 crypto: Do not select from EXT4_FS_ENCRYPTION
On Sun, May 03, 2015 at 03:34:14PM +0300, Anssi Hannula wrote:
> Hi,
>
> 01.05.2015, 03:18, Herbert Xu kirjoitti:
> > This patch adds a tristate EXT4_ENCRYPTION to do the selections
> > for EXT4_FS_ENCRYPTION because selecting from a bool causes all
> > the selected options to be built-in, even if EXT4 itself is a
> > module.
>
> Hmm, are you sure?
>
> Since CONFIG_EXT4_FS_ENCRYPTION itself depends on CONFIG_EXT4_FS, the
> selector for the selected options becomes (CONFIG_EXT4_FS_ENCRYPTION &&
> CONFIG_EXT4_FS && CONFIG_BLOCK).
>
> Per my testing on git master (without this patch), if EXT4_FS=m and
> EXT4_FS_ENCRYPTION=y, both "built-in" and "module" options are allowed
> for the selected options (checked CONFIG_ENCRYPTED_KEYS myself).
I believe the situation which is causing concern is when someone wants
to build a kernel where EXT4_FS=y, but they want the cryptographic
algorithms to be modules. In that case, since EXT4_FS_ENCRYPTION is
'y', it forces the all of the crypto modules to be built into the
kernel, and so it forecloses that option from someone who is building
or packaging a kernel.
- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists