fscrypt: Allow modular crypto algorithms

The commit 643fa9612bf1 ("fscrypt: remove filesystem specific
build config option") removed modular support for fs/crypto.  This
causes the Crypto API to be built-in whenever fscrypt is enabled.
This makes it very difficult for me to test modular builds of
the Crypto API without disabling fscrypt which is a pain.

As fscrypt is still evolving and it's developing new ties with the
fs layer, it's hard to build it as a module for now.

However, the actual algorithms are not required until a filesystem
is mounted.  Therefore we can allow them to be built as modules.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Link: https://lore.kernel.org/r/20191227024700.7vrzuux32uyfdgum@gondor.apana.org.au
Signed-off-by: Eric Biggers <ebiggers@google.com>

diff --git a/fs/crypto/Kconfig b/fs/crypto/Kconfig
index ff5a174..02df95b 100644 (file)
--- a/fs/crypto/Kconfig
+++ b/fs/crypto/Kconfig
@@ -2,13 +2,8 @@
 config FS_ENCRYPTION
        bool "FS Encryption (Per-file encryption)"
        select CRYPTO
-       select CRYPTO_AES
-       select CRYPTO_CBC
-       select CRYPTO_ECB
-       select CRYPTO_XTS
-       select CRYPTO_CTS
-       select CRYPTO_SHA512
-       select CRYPTO_HMAC
+       select CRYPTO_HASH
+       select CRYPTO_SKCIPHER
        select KEYS
        help
          Enable encryption of files and directories.  This
@@ -16,3 +11,15 @@ config FS_ENCRYPTION
          efficient since it avoids caching the encrypted and
          decrypted pages in the page cache.  Currently Ext4,
          F2FS and UBIFS make use of this feature.
+
+# Filesystems supporting encryption must select this if FS_ENCRYPTION.  This
+# allows the algorithms to be built as modules when all the filesystems are.
+config FS_ENCRYPTION_ALGS
+       tristate
+       select CRYPTO_AES
+       select CRYPTO_CBC
+       select CRYPTO_CTS
+       select CRYPTO_ECB
+       select CRYPTO_HMAC
+       select CRYPTO_SHA512
+       select CRYPTO_XTS

diff --git a/fs/ext4/Kconfig b/fs/ext4/Kconfig
index ef42ab0..db9bfa0 100644 (file)
--- a/fs/ext4/Kconfig
+++ b/fs/ext4/Kconfig
@@ -39,6 +39,7 @@ config EXT4_FS
        select CRYPTO
        select CRYPTO_CRC32C
        select FS_IOMAP
+       select FS_ENCRYPTION_ALGS if FS_ENCRYPTION
        help
          This is the next generation of the ext3 filesystem.
 

diff --git a/fs/f2fs/Kconfig b/fs/f2fs/Kconfig
index 652fd2e..599fb91 100644 (file)
--- a/fs/f2fs/Kconfig
+++ b/fs/f2fs/Kconfig
@@ -6,6 +6,7 @@ config F2FS_FS
        select CRYPTO
        select CRYPTO_CRC32
        select F2FS_FS_XATTR if FS_ENCRYPTION
+       select FS_ENCRYPTION_ALGS if FS_ENCRYPTION
        help
          F2FS is based on Log-structured File System (LFS), which supports
          versatile "flash-friendly" features. The design has been focused on

diff --git a/fs/ubifs/Kconfig b/fs/ubifs/Kconfig
index 69932bc..45d3d20 100644 (file)
--- a/fs/ubifs/Kconfig
+++ b/fs/ubifs/Kconfig
@@ -12,6 +12,7 @@ config UBIFS_FS
        select CRYPTO_ZSTD if UBIFS_FS_ZSTD
        select CRYPTO_HASH_INFO
        select UBIFS_FS_XATTR if FS_ENCRYPTION
+       select FS_ENCRYPTION_ALGS if FS_ENCRYPTION
        depends on MTD_UBI
        help
          UBIFS is a file system for flash devices which works on top of UBI.