Re: [PATCH v3] crypto: mips: add poly1305-core.S to .gitignore

On Sat, Mar 27, 2021 at 07:39:43PM -0700, Ilya Lipnitskiy wrote: > poly1305-core.S is an auto-generated file, so it should be ignored. > > Fixes: a11d055e7a64 ("crypto: mips/poly1305 - incorporate OpenSSL/CRYPTOGAMS > optimized implementation") > Signed-off-by: Ilya Lipnitskiy > Cc: Ard Biesheuv

Re: [PATCH v1 3/3] KEYS: trusted: Introduce support for NXP CAAM-based trusted keys

Hello Jarkko, On 28.03.21 22:37, Jarkko Sakkinen wrote: > On Sat, Mar 27, 2021 at 01:41:24PM +0100, David Gstir wrote: >> Generally speaking, I’d say trusting the CAAM RNG and trusting in it’s >> other features are two separate things. However, reading through the CAAM >> key blob spec I’ve got he

[PATCH] crypto: chelsio: fix incorrect kernel-doc comment syntax in file

The opening comment mark '/**' is used for highlighting the beginning of kernel-doc comments. The header for drivers/crypto/chelsio/chcr_core.c follows this syntax, but the content inside does not comply with kernel-doc. This line was probably not meant for kernel-doc parsing, but is parsed due to

Re: [PATCH] crypto: chelsio: fix incorrect kernel-doc comment syntax in file

On 3/29/21 3:45 AM, Aditya Srivastava wrote: > The opening comment mark '/**' is used for highlighting the beginning of > kernel-doc comments. > The header for drivers/crypto/chelsio/chcr_core.c follows this syntax, but > the content inside does not comply with kernel-doc. > > This line was probab

[PATCH] crypto: allwinner: add missing CRYPTO_ prefix

Some CONFIG select miss CRYPTO_. Reported-by: Chen-Yu Tsai Fixes: 56f6d5aee88d1 ("crypto: sun8i-ce - support hash algorithms") Fixes: d9b45418a9177 ("crypto: sun8i-ss - support hash algorithms") Signed-off-by: Corentin Labbe --- drivers/crypto/allwinner/Kconfig | 14 +++--- 1 file chang

v5.12.0-rc5: the kernel panics if FIPS mode is on

Hi all, The v5.12.0-rc5 kernel (1e43c377a79f) panics with fips=1. Please refer to the below panic call-trace. The kernel config file and the full kernel messages are also attached. Is this a known issue? Thanks, -- Dexuan Starting dracut pre-udev hook... [7.260424] alg: self-tests

Fix hibernation in FIPS mode?

Hi, MD5 was marked incompliant with FIPS in 2009: a3bef3a31a19 ("crypto: testmgr - Skip algs not flagged fips_allowed in fips mode") a1915d51e8e7 ("crypto: testmgr - Mark algs allowed in fips mode") But hibernation_e820_save() is still using MD5, and fails in FIPS mode due to the 2018 patch: 749f

Re: v5.12.0-rc5: the kernel panics if FIPS mode is on

On Mon, Mar 29, 2021 at 09:56:18PM +, Dexuan Cui wrote: > Hi all, > The v5.12.0-rc5 kernel (1e43c377a79f) panics with fips=1. > > Please refer to the below panic call-trace. The kernel config file and > the full kernel messages are also attached. > > Is this a known issue? > > Thanks, > -- D

[PATCH] Documentation: crypto: add info about "fips=" boot option

Jonathan Corbet Cc: linux-...@vger.kernel.org --- Updates/corrections welcome. Documentation/admin-guide/kernel-parameters.txt | 15 ++ 1 file changed, 15 insertions(+) --- linux-next-20210329.orig/Documentation/admin-guide/kernel-parameters.txt +++ linux-next-20210329/Documentatio

crypto: possible NULL reference

As I was trying to document "fips= here is not checked for NULL or not NULL before it is used. Nor is the use of in most other functions in ecc.c. Is there something else protecting the improper use of in these cases? or is a patch warranted? thanks. -- ~Randy

Re: [PATCH] Documentation: crypto: add info about "fips=" boot option

On Mon, Mar 29, 2021 at 09:00:01PM -0700, Randy Dunlap wrote: > > + If fips_enabled = 1, some crypto tests are skipped. I don't think any tests are skipped. It does however disable many algorithms by essentially failing them at the testing stage. Cheers, -- Email: Herbert Xu

Re: [PATCH] Documentation: crypto: add info about "fips=" boot option

On 3/29/21 9:37 PM, Herbert Xu wrote: > On Mon, Mar 29, 2021 at 09:00:01PM -0700, Randy Dunlap wrote: >> >> +If fips_enabled = 1, some crypto tests are skipped. > > I don't think any tests are skipped. It does however disable > many algorithms by essentially failing them at th

Re: [PATCH] Documentation: crypto: add info about "fips=" boot option

On Mon, Mar 29, 2021 at 10:00:45PM -0700, Randy Dunlap wrote: > On 3/29/21 9:37 PM, Herbert Xu wrote: > > On Mon, Mar 29, 2021 at 09:00:01PM -0700, Randy Dunlap wrote: > >> > >> + If fips_enabled = 1, some crypto tests are skipped. > > > > I don't think any tests are skipped. It

[PATCH v2] Documentation: crypto: add info about "fips=" boot option

Jonathan Corbet Cc: linux-...@vger.kernel.org --- Updates/corrections welcome. v2: drop comment that "fips_enabled can cause some tests to be skipped". Documentation/admin-guide/kernel-parameters.txt | 14 ++ 1 file changed, 14 insertions(+) --- linux-next-20210329.

Re: [PATCH v2] Documentation: crypto: add info about "fips=" boot option

skipped". > > Documentation/admin-guide/kernel-parameters.txt | 14 ++ > 1 file changed, 14 insertions(+) > > --- linux-next-20210329.orig/Documentation/admin-guide/kernel-parameters.txt > +++ linux-next-20210329/Documentation/admin-guide/kernel-parameters.txt >

RE: v5.12.0-rc5: the kernel panics if FIPS mode is on

> From: Eric Biggers > Sent: Monday, March 29, 2021 6:26 PM > ... > It looks like your userspace is using tcrypt.ko to request that the kernel > test > "ofb(aes)", but your kernel doesn't have CONFIG_CRYPTO_OFB enabled so the > test fails as expected. Hi Eric, Thanks for the explanation! Yes,