New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 813198 link

Starred by 1 user
Status: WontFix
Owner:
djkurtz@chromium.org
Last visit > 30 days ago
Closed: Feb 2018
Cc:
josephsih@chromium.org
groeck@chromium.org
mcchou@chromium.org
diand...@chromium.org
ecgh@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 3
Type: Bug



Sign in to add a comment

chromeos-4.14: disable CRYPTO_ECDH and CRYPTO_KPP

Project Member Reported by djkurtz@chromium.org, Feb 16 2018 
This issue was discovered during review of:

https://chromium-review.googlesource.com/#/c/chromiumos/third_party/kernel/+/924261

During the renormalization above "CONFIG_CRYPTO_KPP=m" appeared in base.config.

dianders deduced that this was introduced by the recent merge of v4.14.17 into chromeos-4.14 which included patch:
299218276576 crypto: ecdh - fix typo in KPP dependency of CRYPTO_ECDH

We have CRYPTO_ECDH=m enabled in base.config, so this typo fixed made KPP suddenly appear.

Of course this means it wasn't there before, so ECDH shouldn't have worked... which begged the question, is ECDH itself even needed?  If now, where did it come from?  And can we disable it?

It turns out that we don't need it.
CRYPTO_ECDH is not enabled in chromeos-3.18 or chromeos-4.4.

It was carried over into chromeos-4.14 ([0]) from the short-lived chromeos-4.12, where it was introduced by [1]:

[0] d516207006ad CHROMIUM: config: update configs to latest in 4.14
[1] 51593a6389cb CHROMIUM: Normalize defconfig

Comment 1 by djkurtz@chromium.org, Feb 16 2018 

Oops, never mind.  CONFIG_ECDH is being pulled in by:

chromeos/config/base.config:CONFIG_BT=m

net/bluetooth/Kconfig:
menuconfig BT
...
        select CRYPTO_ECDH

Comment 2 by diand...@chromium.org, Feb 16 2018 

Ah.  ...so presumably that means that anyone who tried to use Bluetooth devices that needed ECDH was getting a failure?

I guess if BT is selecting it then we should just close this as WontFix and say that perhaps we fixed a bug somewhere?

Comment 3 by djkurtz@chromium.org, Feb 16 2018

Cc: mcchou@chromium.org josephsih@chromium.org
Components: OS>Systems>Bluetooth
The select of BT -> CRYPTO_ECDH was added in v4.12 [2], which is why it first appears in patch [0] in the OP.

[2] 58771c1cb002 Bluetooth: convert smp and selftest to crypto kpp API

Comment 4 by groeck@chromium.org, Feb 16 2018 

I did wonder why I would have enabled ECDH without reason. Guess #1 explains that. I agree with #2 - it looks like the v4.14.17 merge actually fixed a bug.

Comment 5 by djkurtz@chromium.org, Feb 16 2018

Cc: ecgh@chromium.org
Status: WontFix (was: Started)
@#2 Yes, quite possibly certain BT use cases (BLE Secure Connections?) would have been failing - but only on 4.14 (and 4.12).

Sign in to add a comment