[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-crypto-vger
Subject:    Re: [PATCH] crypto: Add a flag allowing the self-tests to be disabled at runtime.
From:       "Richard W.M. Jones" <rjones () redhat ! com>
Date:       2016-04-29 11:04:46
Message-ID: 20160429110446.GD28599 () redhat ! com
[Download RAW message or body]

On Fri, Apr 29, 2016 at 12:59:57PM +0200, Stephan Mueller wrote:
> Am Freitag, 29. April 2016, 11:07:43 schrieb Richard W.M. Jones:
> 
> Hi Richard,
[...]
> > +	if (notests) {
> 
> What about if (!fips_enabled && notests) ?
>
> I am not sure whether the kernel should prevent mistakes in user space. A 
> mistake would be when setting fips=1 and notests=1 as the FIPS mode mandates 
> the self tests.

(Sorry, I just posted v2 before I saw this message.)  I saw the FIPS
stuff and thought about that.  Should we prevent mistakes like that?
I really don't know.

Rich.

> > +		pr_info("alg: self-tests disabled\n");
> > +		return 0;
> > +	}
> > +
> >  	alg_test_descs_check_order();
> > 
> >  	if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) {
> 
> 
> Ciao
> Stephan
> -- 
> | Nimm das Recht weg -                                             |
> |  was ist dann der Staat noch anderes als eine große Räuberbande? |

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine.  Supports Linux and Windows.
http://people.redhat.com/~rjones/virt-df/
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]