summaryrefslogtreecommitdiff
path: root/crypto/testmgr.c
diff options
context:
space:
mode:
authorMilan Broz <mbroz@redhat.com>2012-06-29 22:08:09 +0200
committerHerbert Xu <herbert@gondor.apana.org.au>2012-07-11 11:06:15 +0800
commit6c79294f44fd7d1122cbaabff3b9815b074c0dd0 (patch)
treef9572a8056ab494a6191ea4bb8d53593feb9119c /crypto/testmgr.c
parentb329669ea0b5b02efd41f94372bcf0e988814af4 (diff)
downloadlwn-6c79294f44fd7d1122cbaabff3b9815b074c0dd0.tar.gz
lwn-6c79294f44fd7d1122cbaabff3b9815b074c0dd0.zip
crypto: testmgr - allow aesni-intel and ghash_clmulni-intel in fips mode
Patch 863b557a88f8c033f7419fabafef4712a5055f85 added NULL entries for intel accelerated drivers but did not marked these fips allowed. This cause panic if running tests with fips=1. For ghash, fips_allowed flag was added in patch 18c0ebd2d8194cce4b3f67e2903fa01bea892cbc. Without patch, "modprobe tcrypt" fails with alg: skcipher: Failed to load transform for cbc-aes-aesni: -2 cbc-aes-aesni: cbc(aes) alg self test failed in fips mode! (panic) Also add missing cryptd(__driver-cbc-aes-aesni) and cryptd(__driver-gcm-aes-aesni) test to complement null tests above, otherwise system complains with alg: No test for __cbc-aes-aesni (cryptd(__driver-cbc-aes-aesni)) alg: No test for __gcm-aes-aesni (cryptd(__driver-gcm-aes-aesni)) Signed-off-by: Milan Broz <mbroz@redhat.com> Signed-off-by: Paul Wouters <pwouters@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/testmgr.c')
-rw-r--r--crypto/testmgr.c38
1 files changed, 38 insertions, 0 deletions
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 36748a5996e2..4308a11f129c 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -1581,6 +1581,7 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "__driver-cbc-aes-aesni",
.test = alg_test_null,
+ .fips_allowed = 1,
.suite = {
.cipher = {
.enc = {
@@ -1641,6 +1642,7 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "__driver-ecb-aes-aesni",
.test = alg_test_null,
+ .fips_allowed = 1,
.suite = {
.cipher = {
.enc = {
@@ -1701,6 +1703,7 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "__ghash-pclmulqdqni",
.test = alg_test_null,
+ .fips_allowed = 1,
.suite = {
.hash = {
.vecs = NULL,
@@ -1866,8 +1869,25 @@ static const struct alg_test_desc alg_test_descs[] = {
}
}
}, {
+ .alg = "cryptd(__driver-cbc-aes-aesni)",
+ .test = alg_test_null,
+ .fips_allowed = 1,
+ .suite = {
+ .cipher = {
+ .enc = {
+ .vecs = NULL,
+ .count = 0
+ },
+ .dec = {
+ .vecs = NULL,
+ .count = 0
+ }
+ }
+ }
+ }, {
.alg = "cryptd(__driver-ecb-aes-aesni)",
.test = alg_test_null,
+ .fips_allowed = 1,
.suite = {
.cipher = {
.enc = {
@@ -1926,8 +1946,25 @@ static const struct alg_test_desc alg_test_descs[] = {
}
}
}, {
+ .alg = "cryptd(__driver-gcm-aes-aesni)",
+ .test = alg_test_null,
+ .fips_allowed = 1,
+ .suite = {
+ .cipher = {
+ .enc = {
+ .vecs = NULL,
+ .count = 0
+ },
+ .dec = {
+ .vecs = NULL,
+ .count = 0
+ }
+ }
+ }
+ }, {
.alg = "cryptd(__ghash-pclmulqdqni)",
.test = alg_test_null,
+ .fips_allowed = 1,
.suite = {
.hash = {
.vecs = NULL,
@@ -2043,6 +2080,7 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "ecb(__aes-aesni)",
.test = alg_test_null,
+ .fips_allowed = 1,
.suite = {
.cipher = {
.enc = {