[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YGJ+FrwrSRyvMHoF@gmail.com>
Date: Mon, 29 Mar 2021 18:25:42 -0700
From: Eric Biggers <ebiggers@...nel.org>
To: Dexuan Cui <decui@...rosoft.com>
Cc: "linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: v5.12.0-rc5: the kernel panics if FIPS mode is on
On Mon, Mar 29, 2021 at 09:56:18PM +0000, Dexuan Cui wrote:
> Hi all,
> The v5.12.0-rc5 kernel (1e43c377a79f) panics with fips=1.
>
> Please refer to the below panic call-trace. The kernel config file and
> the full kernel messages are also attached.
>
> Is this a known issue?
>
> Thanks,
> -- Dexuan
>
> Starting dracut pre-udev hook...
> [ 7.260424] alg: self-tests for sha512-generic (sha512) passed
> [ 7.265917] alg: self-tests for sha384-generic (sha384) passed
> [ 7.272426] alg: self-tests for sha512-ssse3 (sha512) passed
> [ 7.276500] alg: self-tests for sha384-ssse3 (sha384) passed
> [ 7.281722] alg: self-tests for sha512-avx (sha512) passed
> [ 7.286579] alg: self-tests for sha384-avx (sha384) passed
> [ 7.291631] alg: self-tests for sha512-avx2 (sha512) passed
> [ 7.296950] alg: self-tests for sha384-avx2 (sha384) passed
> [ 7.321040] alg: self-tests for sha3-224-generic (sha3-224) passed
> [ 7.330291] alg: self-tests for sha3-256-generic (sha3-256) passed
> [ 7.335918] alg: self-tests for sha3-384-generic (sha3-384) passed
> [ 7.341508] alg: self-tests for sha3-512-generic (sha3-512) passed
> [ 7.381918] alg: self-tests for crc32c-intel (crc32c) passed
> [ 7.396694] alg: self-tests for crct10dif-pclmul (crct10dif) passed
> [ 7.453515] alg: self-tests for ghash-clmulni (ghash) passed
> [ 7.469558] alg: self-tests for des3_ede-asm (des3_ede) passed
> [ 7.475355] alg: self-tests for ecb-des3_ede-asm (ecb(des3_ede)) passed
> [ 7.481361] alg: self-tests for cbc-des3_ede-asm (cbc(des3_ede)) passed
> [ 7.488656] alg: self-tests for des3_ede-generic (des3_ede) passed
> [ 7.304930] dracut-pre-udev[502]: modprobe: ERROR: could not insert 'padlock_aes': No such device
> [ 7.579580] alg: No test for fips(ansi_cprng) (fips_ansi_cprng)
> [ 7.606547] alg: self-tests for sha1 (sha1) passed
> [ 7.610624] alg: self-tests for ecb(des3_ede) (ecb(des3_ede)) passed
> [ 7.615746] alg: self-tests for cbc(des3_ede) (cbc(des3_ede)) passed
> [ 7.638067] alg: self-tests for ctr(des3_ede-asm) (ctr(des3_ede)) passed
> [ 7.644781] alg: self-tests for ctr(des3_ede) (ctr(des3_ede)) passed
> [ 7.653810] alg: self-tests for sha256 (sha256) passed
> [ 7.658945] alg: self-tests for ecb(aes) (ecb(aes)) passed
> [ 7.663493] alg: self-tests for cbc(aes) (cbc(aes)) passed
> [ 7.668421] alg: self-tests for xts(aes) (xts(aes)) passed
> [ 7.672389] alg: self-tests for ctr(aes) (ctr(aes)) passed
> [ 7.692973] alg: self-tests for rfc3686(ctr-aes-aesni) (rfc3686(ctr(aes))) passed
> [ 7.699446] alg: self-tests for rfc3686(ctr(aes)) (rfc3686(ctr(aes))) passed
> [ 7.730149] alg: skcipher: failed to allocate transform for ofb(aes): -2
> [ 7.735959] Kernel panic - not syncing: alg: self-tests for ofb(aes) (ofb(aes)) failed in fips mode!
> [ 7.736952] CPU: 13 PID: 560 Comm: modprobe Tainted: G W 5.12.0-rc5+ #3
> [ 7.736952] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS 090008 12/07/2018
> [ 7.736952] Call Trace:
> [ 7.736952] dump_stack+0x64/0x7c
> [ 7.736952] panic+0xfb/0x2d7
> [ 7.736952] alg_test+0x42d/0x460
> [ 7.736952] ? __kernfs_new_node+0x175/0x1d0
> [ 7.736952] do_test+0x3248/0x57ea [tcrypt]
> [ 7.736952] do_test+0x1f2c/0x57ea [tcrypt]
> [ 7.736952] ? 0xffffffffc031d000
> [ 7.736952] tcrypt_mod_init+0x55/0x1000 [tcrypt]
It looks like your userspace is using tcrypt.ko to request that the kernel test
"ofb(aes)", but your kernel doesn't have CONFIG_CRYPTO_OFB enabled so the test
fails as expected. Are you sure that anything changed on the kernel side
besides the kconfig you are using? It looks like this was always the behavior
when tcrypt.ko is used to test a non-existing algorithm.
Is your userspace code intentionally trying to test "ofb(aes)", or is it
accidental?
- Eric
Powered by blists - more mailing lists