From: Eric Biggers <ebiggers@xxxxxxxxxx>
echainiv is the only algorithm or template in the crypto API that is
enabled by default. But there doesn't seem to be a good reason for it.
And it pulls in a lot of stuff as dependencies, like AEAD support and a
"NIST SP800-90A DRBG" including HMAC-SHA256.
The commit which made it default 'm', commit 3491244c6298 ("crypto:
echainiv - Set Kconfig default to m"), mentioned that it's needed for
IPsec. However, later commit 32b6170ca59c ("ipv4+ipv6: Make INET*_ESP
select CRYPTO_ECHAINIV") made the IPsec kconfig options select it.
So, remove the 'default m'.
Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx>
---
crypto/Kconfig | 1 -
1 file changed, 1 deletion(-)
diff --git a/crypto/Kconfig b/crypto/Kconfig
index af8c6b4e6a83a..1062e1031f73a 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -428,7 +428,6 @@ config CRYPTO_ECHAINIV
select CRYPTO_NULL
select CRYPTO_RNG_DEFAULT
select CRYPTO_MANAGER
- default m
help
This IV generator generates an IV based on the encryption of
a sequence number xored with a salt. This is the default
--
2.21.0.1020.gf2820cf01a-goog
