lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20250612172005.GA1283@sol>
Date: Thu, 12 Jun 2025 10:20:05 -0700
From: Eric Biggers <ebiggers@...nel.org>
To: Herbert Xu <herbert@...dor.apana.org.au>
Cc: linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
	Diederik de Haas <didi.debian@...ow.org>,
	Ingo Franzki <ifranzki@...ux.ibm.com>
Subject: Re: [PATCH] crypto: testmgr - reinstate kconfig support for fast
 tests only

On Thu, Jun 12, 2025 at 05:03:35PM +0800, Herbert Xu wrote:
> On Wed, Jun 11, 2025 at 11:09:31PM -0700, Eric Biggers wrote:
> >
> > It used to be:
> > 
> >     config CRYPTO_MANAGER_DISABLE_TESTS
> >             bool "Disable run-time self tests"
> >             default y
> >             help
> >               Disable run-time self tests that normally take place at
> >               algorithm registration.
> > 
> > So the CONFIG_EXPERT dependency for the prompt would be new.  Are you sure?
> 
> When this was inverted I specifically asked for a dependency
> on EXPERT so that normal users won't be bothered by a question
> that had no relevance to them.
> 
> You then suggested a dependency on DEBUG_KERNEL which I accepted
> because EXPERT happens to select that so they're practically
> equivalent.
> 
> So make it depend on either DEBUG_KERNEL or EXPERT because normal
> users should never see this question.  IOW we as developers should
> select a sane default, whatever that may be.
> 
> > If you insist.  I hoped to get the people working on drivers to actually run the
> > tests that they are supposed to.  The default y is appropriate for anyone
> > actually doing development and/or testing, which is what the tests are supposed
> > to be for.
> > 
> > But I guess that doesn't really happen, and distros are expected to run the
> > reduced set of tests in production because upstream doesn't test the drivers.
> > And they will want n here.
> 
> I share your concern.  One idea is to calculate a hash based on the
> current time and print it out if and only if SELFTESTS_FULL is enabled.
> 
> Then we could require all driver submissions to include this message
> as proof that they enabled this option.
> 

Crypto drivers need to be regularly tested and maintained, not just tested at
submission time.  Crypto drivers that don't achieve that should not be part of
the kernel.

- Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ