33 lines
1.3 KiB
Diff
33 lines
1.3 KiB
Diff
From: Matthias Schiffer <mschiffer@universe-factory.net>
|
|
Date: Sun, 7 Mar 2021 11:50:04 +0100
|
|
Subject: fastd: disable GMAC-based methods by default
|
|
|
|
The UMAC-based methods provide higher performance than GMAC and aren't
|
|
suspectible to timing attacks when implemented in software (which is
|
|
always the case on OpenWrt, as OpenSSL support is disabled). Disable
|
|
GMAC by default to save a few KiB.
|
|
|
|
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
|
(cherry picked from commit 916a65781829d93856bfb82cf78ba333b8fbc973)
|
|
|
|
diff --git a/net/fastd/Config.in b/net/fastd/Config.in
|
|
index 89ff6850aa5ab4ad0e762d8fb9473d5e5c820089..b6d46246e53516cdb7fc6e4857ea62481b4e8276 100644
|
|
--- a/net/fastd/Config.in
|
|
+++ b/net/fastd/Config.in
|
|
@@ -8,7 +8,6 @@ config FASTD_ENABLE_METHOD_CIPHER_TEST
|
|
config FASTD_ENABLE_METHOD_COMPOSED_GMAC
|
|
bool "Enable composed-gmac method provider"
|
|
select FASTD_ENABLE_MAC_GHASH
|
|
- default y
|
|
|
|
config FASTD_ENABLE_METHOD_COMPOSED_UMAC
|
|
bool "Enable composed-umac method provider"
|
|
@@ -18,7 +17,6 @@ config FASTD_ENABLE_METHOD_COMPOSED_UMAC
|
|
config FASTD_ENABLE_METHOD_GENERIC_GMAC
|
|
bool "Enable generic-gmac method provider"
|
|
select FASTD_ENABLE_MAC_GHASH
|
|
- default y
|
|
|
|
config FASTD_ENABLE_METHOD_GENERIC_POLY1305
|
|
bool "Enable generic-poly1305 method provider"
|