Re: [PATCH] crypto: Add a flag allowing the self-tests to be disabled at runtime.
From: Richard W.M. Jones
Date: Fri Apr 29 2016 - 07:04:58 EST
On Fri, Apr 29, 2016 at 12:59:57PM +0200, Stephan Mueller wrote:
> Am Freitag, 29. April 2016, 11:07:43 schrieb Richard W.M. Jones:
>
> Hi Richard,
[...]
> > + if (notests) {
>
> What about if (!fips_enabled && notests) ?
>
> I am not sure whether the kernel should prevent mistakes in user space. A
> mistake would be when setting fips=1 and notests=1 as the FIPS mode mandates
> the self tests.
(Sorry, I just posted v2 before I saw this message.) I saw the FIPS
stuff and thought about that. Should we prevent mistakes like that?
I really don't know.
Rich.
> > + pr_info("alg: self-tests disabled\n");
> > + return 0;
> > + }
> > +
> > alg_test_descs_check_order();
> >
> > if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) {
>
>
> Ciao
> Stephan
> --
> | Nimm das Recht weg - |
> | was ist dann der Staat noch anderes als eine große Räuberbande? |
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine. Supports Linux and Windows.
http://people.redhat.com/~rjones/virt-df/