admin/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2025-12-07 20:06:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

security: keys: use menuconfig for KEYS symbol

Browse Source 
Give the KEYS kconfig symbol and its associated symbols a separate menu
space under Security options by using "menuconfig" instead of "config".

This also makes it easier to find the security and LSM options.

Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
This commit is contained in:
Randy Dunlap
2025-09-27 21:14:20 +03:00
committed by Jarkko Sakkinen
parent 9b8d24a49f
commit 8be70a8fc6
1 changed files with 6 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
security/keys/Kconfig
View File

@@ -3,7 +3,7 @@
# Key management configuration # Key management configuration
# #
config KEYS menuconfig KEYS
bool "Enable access key retention support" bool "Enable access key retention support"
select ASSOCIATIVE_ARRAY select ASSOCIATIVE_ARRAY
help help
@@ -21,9 +21,10 @@ config KEYS
If you are unsure as to whether this is required, answer N. If you are unsure as to whether this is required, answer N.
if KEYS
config KEYS_REQUEST_CACHE config KEYS_REQUEST_CACHE
bool "Enable temporary caching of the last request_key() result" bool "Enable temporary caching of the last request_key() result"
depends on KEYS
help help
This option causes the result of the last successful request_key() This option causes the result of the last successful request_key()
call that didn't upcall to the kernel to be cached temporarily in the call that didn't upcall to the kernel to be cached temporarily in the
@@ -41,7 +42,6 @@ config KEYS_REQUEST_CACHE
config PERSISTENT_KEYRINGS config PERSISTENT_KEYRINGS
bool "Enable register of persistent per-UID keyrings" bool "Enable register of persistent per-UID keyrings"
depends on KEYS
help help
This option provides a register of persistent per-UID keyrings, This option provides a register of persistent per-UID keyrings,
primarily aimed at Kerberos key storage. The keyrings are persistent primarily aimed at Kerberos key storage. The keyrings are persistent
@@ -58,7 +58,6 @@ config PERSISTENT_KEYRINGS
config BIG_KEYS config BIG_KEYS
bool "Large payload keys" bool "Large payload keys"
depends on KEYS
depends on TMPFS depends on TMPFS
select CRYPTO_LIB_CHACHA20POLY1305 select CRYPTO_LIB_CHACHA20POLY1305
help help
@@ -70,7 +69,6 @@ config BIG_KEYS
config TRUSTED_KEYS config TRUSTED_KEYS
tristate "TRUSTED KEYS" tristate "TRUSTED KEYS"
depends on KEYS
help help
This option provides support for creating, sealing, and unsealing This option provides support for creating, sealing, and unsealing
keys in the kernel. Trusted keys are random number symmetric keys, keys in the kernel. Trusted keys are random number symmetric keys,
@@ -85,7 +83,6 @@ endif
config ENCRYPTED_KEYS config ENCRYPTED_KEYS
tristate "ENCRYPTED KEYS" tristate "ENCRYPTED KEYS"
depends on KEYS
select CRYPTO select CRYPTO
select CRYPTO_AES select CRYPTO_AES
select CRYPTO_CBC select CRYPTO_CBC
@@ -113,7 +110,6 @@ config USER_DECRYPTED_DATA
config KEY_DH_OPERATIONS config KEY_DH_OPERATIONS
bool "Diffie-Hellman operations on retained keys" bool "Diffie-Hellman operations on retained keys"
depends on KEYS
select CRYPTO select CRYPTO
select CRYPTO_KDF800108_CTR select CRYPTO_KDF800108_CTR
select CRYPTO_DH select CRYPTO_DH
@@ -126,9 +122,11 @@ config KEY_DH_OPERATIONS
config KEY_NOTIFICATIONS config KEY_NOTIFICATIONS
bool "Provide key/keyring change notifications" bool "Provide key/keyring change notifications"
depends on KEYS && WATCH_QUEUE depends on WATCH_QUEUE
help help
This option provides support for getting change notifications This option provides support for getting change notifications
on keys and keyrings on which the caller has View permission. on keys and keyrings on which the caller has View permission.
This makes use of pipes to handle the notification buffer and This makes use of pipes to handle the notification buffer and
provides KEYCTL_WATCH_KEY to enable/disable watches. provides KEYCTL_WATCH_KEY to enable/disable watches.
endif # KEYS