lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1427752.f9YxQ9FBNN@myon.chronox.de>
Date:	Mon, 26 May 2014 13:30:36 +0200
From:	Stephan Mueller <smueller@...onox.de>
To:	linux-kernel@...r.kernel.org, linux-crypto@...r.kernel.org
Cc:	herbert@...dor.apana.org.au, aquini@...hat.com,
	jeremy.wayne.powell@...il.com, clemens@...isch.de,
	pwalten@....ibm.com, joe@...ches.com
Subject: [PATCH v8 7/7] Add documentation of drbg.stdrng

The drbg.stdrng kernel command line flag allows the selection of the
DRBG used as stdrng.

Signed-off-by: Stephan Mueller <smueller@...onox.de>
---
 Documentation/kernel-parameters.txt | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index 30a8ad0d..b970ba2 100644
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -855,6 +855,16 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
 			The filter can be disabled or changed to another
 			driver later using sysfs.
 
+	drbg.stdrng=<name>
+			Kernel crypto API name of the SP800-90A DRBG that
+			is marked as "stdrng". Parts of the kernel requiring
+			random numbers may use the "stdrng" random number
+			generator. In FIPS mode (when the kernel command line
+			parameter fips=1 is provided), the priority of the
+			DRBG stdrng is increased to be higher than other
+			stdrng definitions. This implies, the DRBG is used as
+			default in FIPS mode.
+
 	drm_kms_helper.edid_firmware=[<connector>:]<file>
 			Broken monitors, graphic adapters and KVMs may
 			send no or incorrect EDID data sets. This parameter
-- 
1.9.3


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ