tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

fscrypt: Allow modular crypto algorithms

The commit 643fa9612bf1 ("fscrypt: remove filesystem specific
build config option") removed modular support for fs/crypto. This
causes the Crypto API to be built-in whenever fscrypt is enabled.
This makes it very difficult for me to test modular builds of
the Crypto API without disabling fscrypt which is a pain.

As fscrypt is still evolving and it's developing new ties with the
fs layer, it's hard to build it as a module for now.

However, the actual algorithms are not required until a filesystem
is mounted. Therefore we can allow them to be built as modules.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Link: https://lore.kernel.org/r/20191227024700.7vrzuux32uyfdgum@gondor.apana.org.au
Signed-off-by: Eric Biggers <ebiggers@google.com>

authored by

Herbert Xu and committed by
Eric Biggers ede7a09f e933adde

+17 -7
+14 -7
fs/crypto/Kconfig
··· 2 2 config FS_ENCRYPTION 3 3 bool "FS Encryption (Per-file encryption)" 4 4 select CRYPTO 5 - select CRYPTO_AES 6 - select CRYPTO_CBC 7 - select CRYPTO_ECB 8 - select CRYPTO_XTS 9 - select CRYPTO_CTS 10 - select CRYPTO_SHA512 11 - select CRYPTO_HMAC 5 + select CRYPTO_HASH 6 + select CRYPTO_SKCIPHER 12 7 select KEYS 13 8 help 14 9 Enable encryption of files and directories. This ··· 11 16 efficient since it avoids caching the encrypted and 12 17 decrypted pages in the page cache. Currently Ext4, 13 18 F2FS and UBIFS make use of this feature. 19 + 20 + # Filesystems supporting encryption must select this if FS_ENCRYPTION. This 21 + # allows the algorithms to be built as modules when all the filesystems are. 22 + config FS_ENCRYPTION_ALGS 23 + tristate 24 + select CRYPTO_AES 25 + select CRYPTO_CBC 26 + select CRYPTO_CTS 27 + select CRYPTO_ECB 28 + select CRYPTO_HMAC 29 + select CRYPTO_SHA512 30 + select CRYPTO_XTS
+1
fs/ext4/Kconfig
··· 39 39 select CRYPTO 40 40 select CRYPTO_CRC32C 41 41 select FS_IOMAP 42 + select FS_ENCRYPTION_ALGS if FS_ENCRYPTION 42 43 help 43 44 This is the next generation of the ext3 filesystem. 44 45
+1
fs/f2fs/Kconfig
··· 6 6 select CRYPTO 7 7 select CRYPTO_CRC32 8 8 select F2FS_FS_XATTR if FS_ENCRYPTION 9 + select FS_ENCRYPTION_ALGS if FS_ENCRYPTION 9 10 help 10 11 F2FS is based on Log-structured File System (LFS), which supports 11 12 versatile "flash-friendly" features. The design has been focused on
+1
fs/ubifs/Kconfig
··· 12 12 select CRYPTO_ZSTD if UBIFS_FS_ZSTD 13 13 select CRYPTO_HASH_INFO 14 14 select UBIFS_FS_XATTR if FS_ENCRYPTION 15 + select FS_ENCRYPTION_ALGS if FS_ENCRYPTION 15 16 depends on MTD_UBI 16 17 help 17 18 UBIFS is a file system for flash devices which works on top of UBI.