Hi David, On Wed, Sep 18, 2019 at 6:43 PM David Howells <dhowells@xxxxxxxxxx> wrote: > Geert Uytterhoeven <geert@xxxxxxxxxxxxxx> wrote: > > > > TL;DR: CONFIG_CRYPTO_DH=y is reported to cause boot delays of several > > > > minutes on old and slow machines. > > > > > > Why is it doing that? It doesn't do anything unless it is called, so > > > something must be calling it. > > > > I don't know. Enabling initcall_debug shows that dh_init() takes a very long > > time. > > Ah... The bit that handles keyctl_dh_compute() doesn't do anything unless > asked, but the bit in the crypto layer that does dh does (ie. dh_init()). I > guess it's doing some sort of self-test, but I can't see how it effects that. > I think you need to consult the author/maintainer of crypto/dh.c. Apparently the Debian kernel config had not enabled CONFIG_CRYPTO_MANAGER_DISABLE_TESTS, so all crypto tests were run at boot time :-( > It might be possible to make CONFIG_KEY_DH_OPERATIONS not depend on > CONFIG_CRYPTO_DH and have crypto_alloc_kpp() load the *crypto* part on > demand. Failing that, I can look into demand-loading keyctl operations. Regardless, it may be a good idea to make KEY_DH_OPERATIONS tristate one day, so enabling wireless as a module doesn't force CONFIG_CRYPTO_DH builtin. Thanks! Gr{oetje,eeting}s, Geert -- Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx In personal conversations with technical people, I call myself a hacker. But when I'm talking to journalists I just say "programmer" or something like that. -- Linus Torvalds