On Wed, Jan 28, 2009 at 07:58:48AM -0500, Neil Horman wrote:
> 
> FIPS 140-2 specifies that all access to various cryptographic modules be
> prevented in the event that any of the provided self tests fail on the various
> implemented algorithms.  We already panic when any of the test in testmgr.c
> fail when we are operating in fips mode.  The continuous test in the cprng 
> here
> was missed when that was implmented.  This code simply checks for the
> fips_enabled flag if the test fails, and warns us via syslog or panics the box
> accordingly.
> 
> Signed-off-by: Neil Horman <[email protected]>

Patch applied.  Thanks Neil.
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to