lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAMusb+SOk3TW5q6q6-QNjimupaX+V-DMS==RdQinZ+jLRrADOQ@mail.gmail.com>
Date:   Mon, 27 Jun 2022 21:50:04 +0200
From:   Vlad Dronov <vdronov@...hat.com>
To:     Herbert Xu <herbert@...dor.apana.org.au>
Cc:     "David S . Miller" <davem@...emloft.net>,
        Randy Dunlap <rdunlap@...radead.org>,
        linux-crypto@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>,
        Simo Sorce <simo@...hat.com>
Subject: Re: [PATCH v2] crypto: fips - make proc files report fips module name
 and version

Hi, Herbert,

On Mon, Jun 27, 2022 at 3:19 AM Herbert Xu <herbert@...dor.apana.org.au> wrote:
>
> On Tue, Jun 21, 2022 at 05:08:32PM +0200, Vladis Dronov wrote:
> >
> >  #ifdef CONFIG_CRYPTO_FIPS
> >  extern int fips_enabled;
> >  extern struct atomic_notifier_head fips_fail_notif_chain;
> >
> > +#define FIPS_MODULE_NAME CONFIG_CRYPTO_FIPS_NAME
> > +#ifdef CONFIG_CRYPTO_FIPS_CUSTOM_VERSION
> > +#define FIPS_MODULE_VERSION CONFIG_CRYPTO_FIPS_VERSION
> > +#else
> > +#define FIPS_MODULE_VERSION UTS_RELEASE
> > +#endif
>
> Why does this need to be in fips.h? If it's only used by one file
> then it should be moved to the place where it's used.

Indeed, you are right, these defines are used only once, thank you. I'll move
them to fips.c. Let me post v3 to this same thread below.

Just a heads-up, a kernel with this patch builds, boots and a FIPS output is
correct.

Best regards,
Vladis Dronov | Red Hat, Inc. | The Core Kernel | Senior Software Engineer

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ