crypto: jitterentropy - Hide esoteric Kconfig options under FIPS and EXPERT

As JITTERENTROPY is selected by default if you enable the CRYPTO
API, any Kconfig options added there will show up for every single
user.  Hide the esoteric options under EXPERT as well as FIPS so
that only distro makers will see them.

Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Reviewed-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/crypto/Kconfig b/crypto/Kconfig
index bbf51d55724e3fdb1a1dc339860396e5f767e8fc..70661f58ee41c4ca0d07a02dc966c8f4ef608431 100644 (file)
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -1297,10 +1297,12 @@ config CRYPTO_JITTERENTROPY
 
          See https://www.chronox.de/jent.html
 
+if CRYPTO_JITTERENTROPY
+if CRYPTO_FIPS && EXPERT
+
 choice
        prompt "CPU Jitter RNG Memory Size"
        default CRYPTO_JITTERENTROPY_MEMSIZE_2
-       depends on CRYPTO_JITTERENTROPY
        help
          The Jitter RNG measures the execution time of memory accesses.
          Multiple consecutive memory accesses are performed. If the memory
@@ -1344,7 +1346,6 @@ config CRYPTO_JITTERENTROPY_OSR
        int "CPU Jitter RNG Oversampling Rate"
        range 1 15
        default 1
-       depends on CRYPTO_JITTERENTROPY
        help
          The Jitter RNG allows the specification of an oversampling rate (OSR).
          The Jitter RNG operation requires a fixed amount of timing
@@ -1359,7 +1360,6 @@ config CRYPTO_JITTERENTROPY_OSR
 
 config CRYPTO_JITTERENTROPY_TESTINTERFACE
        bool "CPU Jitter RNG Test Interface"
-       depends on CRYPTO_JITTERENTROPY
        help
          The test interface allows a privileged process to capture
          the raw unconditioned high resolution time stamp noise that
@@ -1377,6 +1377,28 @@ config CRYPTO_JITTERENTROPY_TESTINTERFACE
 
          If unsure, select N.
 
+endif  # if CRYPTO_FIPS && EXPERT
+
+if !(CRYPTO_FIPS && EXPERT)
+
+config CRYPTO_JITTERENTROPY_MEMORY_BLOCKS
+       int
+       default 64
+
+config CRYPTO_JITTERENTROPY_MEMORY_BLOCKSIZE
+       int
+       default 32
+
+config CRYPTO_JITTERENTROPY_OSR
+       int
+       default 1
+
+config CRYPTO_JITTERENTROPY_TESTINTERFACE
+       bool
+
+endif  # if !(CRYPTO_FIPS && EXPERT)
+endif  # if CRYPTO_JITTERENTROPY
+
 config CRYPTO_KDF800108_CTR
        tristate
        select CRYPTO_HMAC