Linus Torvalds <torva...@linux-foundation.org> wrote:
> Hmm. So this thing makes me wonder:
>
> /* Not having a signature is only an error if we're strict. */
> if (err < 0 && fips_enabled)
> panic("Module verification failed with error %d in FIPS
> mode\n",
> err);
>
> do we really want to panic (even in fips_enabled mode)?
That's what the FIPS people want. As I understand it, if there's some
indication that the crypto stuff is compromised, the box should be shut down
immediately.
I've added Stephan Mueller to see if he can illuminate further.
David
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
