mirror of
https://github.com/coolsnowwolf/lede.git
synced 2025-04-15 18:03:30 +00:00
71813b0d03
Sync jitterentropy source code with linux-6.12 to solve the
issue of jitterentropy initialization failed:
[ 9.523489] jitterentropy: Initialization failed with host not compliant with requirements: 9
[ 9.661916] kmodloader: 1 module could not be probed
[ 9.662377] kmodloader: - jitterentropy_rng - 0
In linux upstream commit cf27d9475f37 ("crypto: jitter - use
permanent health test storage"), when FIPS crypto is disabled,
the health test results are always explicitly skipped. That means
it will never return error code 9 (health test failed) again.
Fixes: https://github.com/openwrt/openwrt/issues/16684
Signed-off-by: Shiji Yang <yangshiji66@outlook.com>
Link: https://github.com/openwrt/openwrt/pull/18399
Signed-off-by: Robert Marko <robimarko@gmail.com>
81 lines
2.3 KiB
Diff
81 lines
2.3 KiB
Diff
From e7ed6473c2c8c4e45dd861bfa06e96189b11d8db Mon Sep 17 00:00:00 2001
|
|
From: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Date: Mon, 6 Nov 2023 18:00:08 +0800
|
|
Subject: [PATCH] crypto: jitterentropy - Hide esoteric Kconfig options under
|
|
FIPS and EXPERT
|
|
|
|
As JITTERENTROPY is selected by default if you enable the CRYPTO
|
|
API, any Kconfig options added there will show up for every single
|
|
user. Hide the esoteric options under EXPERT as well as FIPS so
|
|
that only distro makers will see them.
|
|
|
|
Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
Reviewed-by: Stephan Mueller <smueller@chronox.de>
|
|
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
---
|
|
crypto/Kconfig | 28 +++++++++++++++++++++++++---
|
|
1 file changed, 25 insertions(+), 3 deletions(-)
|
|
|
|
--- a/crypto/Kconfig
|
|
+++ b/crypto/Kconfig
|
|
@@ -1297,10 +1297,12 @@ config CRYPTO_JITTERENTROPY
|
|
|
|
See https://www.chronox.de/jent/
|
|
|
|
+if CRYPTO_JITTERENTROPY
|
|
+if CRYPTO_FIPS && EXPERT
|
|
+
|
|
choice
|
|
prompt "CPU Jitter RNG Memory Size"
|
|
default CRYPTO_JITTERENTROPY_MEMSIZE_2
|
|
- depends on CRYPTO_JITTERENTROPY
|
|
help
|
|
The Jitter RNG measures the execution time of memory accesses.
|
|
Multiple consecutive memory accesses are performed. If the memory
|
|
@@ -1344,7 +1346,6 @@ config CRYPTO_JITTERENTROPY_OSR
|
|
int "CPU Jitter RNG Oversampling Rate"
|
|
range 1 15
|
|
default 1
|
|
- depends on CRYPTO_JITTERENTROPY
|
|
help
|
|
The Jitter RNG allows the specification of an oversampling rate (OSR).
|
|
The Jitter RNG operation requires a fixed amount of timing
|
|
@@ -1359,7 +1360,6 @@ config CRYPTO_JITTERENTROPY_OSR
|
|
|
|
config CRYPTO_JITTERENTROPY_TESTINTERFACE
|
|
bool "CPU Jitter RNG Test Interface"
|
|
- depends on CRYPTO_JITTERENTROPY
|
|
help
|
|
The test interface allows a privileged process to capture
|
|
the raw unconditioned high resolution time stamp noise that
|
|
@@ -1377,6 +1377,28 @@ config CRYPTO_JITTERENTROPY_TESTINTERFAC
|
|
|
|
If unsure, select N.
|
|
|
|
+endif # if CRYPTO_FIPS && EXPERT
|
|
+
|
|
+if !(CRYPTO_FIPS && EXPERT)
|
|
+
|
|
+config CRYPTO_JITTERENTROPY_MEMORY_BLOCKS
|
|
+ int
|
|
+ default 64
|
|
+
|
|
+config CRYPTO_JITTERENTROPY_MEMORY_BLOCKSIZE
|
|
+ int
|
|
+ default 32
|
|
+
|
|
+config CRYPTO_JITTERENTROPY_OSR
|
|
+ int
|
|
+ default 1
|
|
+
|
|
+config CRYPTO_JITTERENTROPY_TESTINTERFACE
|
|
+ bool
|
|
+
|
|
+endif # if !(CRYPTO_FIPS && EXPERT)
|
|
+endif # if CRYPTO_JITTERENTROPY
|
|
+
|
|
config CRYPTO_KDF800108_CTR
|
|
tristate
|
|
select CRYPTO_HMAC
|