diff options
author | Jarod Wilson <jarod@redhat.com> | 2009-05-27 01:10:21 -0400 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2009-06-02 00:04:57 -0400 |
commit | 4e033a6bc70f094d36128c328f6ca725c6ca4b4c (patch) | |
tree | e400f6b98c48b4ec935e41ab070c1efbabe71068 | |
parent | 3ce858cb04de8bc83449eac707c8012a1944daca (diff) |
crypto: tcrypt - Do not exit on success in fips mode
At present, the tcrypt module always exits with an -EAGAIN upon
successfully completing all the tests its been asked to run. In fips
mode, integrity checking is done by running all self-tests from the
initrd, and its much simpler to check the ret from modprobe for
success than to scrape dmesg and/or /proc/crypto. Simply stay
loaded, giving modprobe a retval of 0, if self-tests all pass and
we're in fips mode.
A side-effect of tracking success/failure for fips mode is that in
non-fips mode, self-test failures will return the actual failure
return codes, rather than always returning -EAGAIN, which seems more
correct anyway.
The tcrypt_test() portion of the patch is dependent on my earlier
pair of patches that skip non-fips algs in fips mode, at least to
achieve the fully intended behavior.
Nb: testing this patch against the cryptodev tree revealed a test
failure for sha384, which I have yet to look into...
Signed-off-by: Jarod Wilson <jarod@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r-- | crypto/tcrypt.c | 164 |
1 files changed, 90 insertions, 74 deletions
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c index 9e4974eb7825..d59ba5079d14 100644 --- a/crypto/tcrypt.c +++ b/crypto/tcrypt.c | |||
@@ -27,6 +27,7 @@ | |||
27 | #include <linux/timex.h> | 27 | #include <linux/timex.h> |
28 | #include <linux/interrupt.h> | 28 | #include <linux/interrupt.h> |
29 | #include "tcrypt.h" | 29 | #include "tcrypt.h" |
30 | #include "internal.h" | ||
30 | 31 | ||
31 | /* | 32 | /* |
32 | * Need slab memory for testing (size in number of pages). | 33 | * Need slab memory for testing (size in number of pages). |
@@ -468,248 +469,255 @@ static void test_available(void) | |||
468 | 469 | ||
469 | static inline int tcrypt_test(const char *alg) | 470 | static inline int tcrypt_test(const char *alg) |
470 | { | 471 | { |
471 | return alg_test(alg, alg, 0, 0); | 472 | int ret; |
473 | |||
474 | ret = alg_test(alg, alg, 0, 0); | ||
475 | /* non-fips algs return -EINVAL in fips mode */ | ||
476 | if (fips_enabled && ret == -EINVAL) | ||
477 | ret = 0; | ||
478 | return ret; | ||
472 | } | 479 | } |
473 | 480 | ||
474 | static void do_test(int m) | 481 | static int do_test(int m) |
475 | { | 482 | { |
476 | int i; | 483 | int i; |
484 | int ret = 0; | ||
477 | 485 | ||
478 | switch (m) { | 486 | switch (m) { |
479 | case 0: | 487 | case 0: |
480 | for (i = 1; i < 200; i++) | 488 | for (i = 1; i < 200; i++) |
481 | do_test(i); | 489 | ret += do_test(i); |
482 | break; | 490 | break; |
483 | 491 | ||
484 | case 1: | 492 | case 1: |
485 | tcrypt_test("md5"); | 493 | ret += tcrypt_test("md5"); |
486 | break; | 494 | break; |
487 | 495 | ||
488 | case 2: | 496 | case 2: |
489 | tcrypt_test("sha1"); | 497 | ret += tcrypt_test("sha1"); |
490 | break; | 498 | break; |
491 | 499 | ||
492 | case 3: | 500 | case 3: |
493 | tcrypt_test("ecb(des)"); | 501 | ret += tcrypt_test("ecb(des)"); |
494 | tcrypt_test("cbc(des)"); | 502 | ret += tcrypt_test("cbc(des)"); |
495 | break; | 503 | break; |
496 | 504 | ||
497 | case 4: | 505 | case 4: |
498 | tcrypt_test("ecb(des3_ede)"); | 506 | ret += tcrypt_test("ecb(des3_ede)"); |
499 | tcrypt_test("cbc(des3_ede)"); | 507 | ret += tcrypt_test("cbc(des3_ede)"); |
500 | break; | 508 | break; |
501 | 509 | ||
502 | case 5: | 510 | case 5: |
503 | tcrypt_test("md4"); | 511 | ret += tcrypt_test("md4"); |
504 | break; | 512 | break; |
505 | 513 | ||
506 | case 6: | 514 | case 6: |
507 | tcrypt_test("sha256"); | 515 | ret += tcrypt_test("sha256"); |
508 | break; | 516 | break; |
509 | 517 | ||
510 | case 7: | 518 | case 7: |
511 | tcrypt_test("ecb(blowfish)"); | 519 | ret += tcrypt_test("ecb(blowfish)"); |
512 | tcrypt_test("cbc(blowfish)"); | 520 | ret += tcrypt_test("cbc(blowfish)"); |
513 | break; | 521 | break; |
514 | 522 | ||
515 | case 8: | 523 | case 8: |
516 | tcrypt_test("ecb(twofish)"); | 524 | ret += tcrypt_test("ecb(twofish)"); |
517 | tcrypt_test("cbc(twofish)"); | 525 | ret += tcrypt_test("cbc(twofish)"); |
518 | break; | 526 | break; |
519 | 527 | ||
520 | case 9: | 528 | case 9: |
521 | tcrypt_test("ecb(serpent)"); | 529 | ret += tcrypt_test("ecb(serpent)"); |
522 | break; | 530 | break; |
523 | 531 | ||
524 | case 10: | 532 | case 10: |
525 | tcrypt_test("ecb(aes)"); | 533 | ret += tcrypt_test("ecb(aes)"); |
526 | tcrypt_test("cbc(aes)"); | 534 | ret += tcrypt_test("cbc(aes)"); |
527 | tcrypt_test("lrw(aes)"); | 535 | ret += tcrypt_test("lrw(aes)"); |
528 | tcrypt_test("xts(aes)"); | 536 | ret += tcrypt_test("xts(aes)"); |
529 | tcrypt_test("ctr(aes)"); | 537 | ret += tcrypt_test("ctr(aes)"); |
530 | tcrypt_test("rfc3686(ctr(aes))"); | 538 | ret += tcrypt_test("rfc3686(ctr(aes))"); |
531 | break; | 539 | break; |
532 | 540 | ||
533 | case 11: | 541 | case 11: |
534 | tcrypt_test("sha384"); | 542 | ret += tcrypt_test("sha384"); |
535 | break; | 543 | break; |
536 | 544 | ||
537 | case 12: | 545 | case 12: |
538 | tcrypt_test("sha512"); | 546 | ret += tcrypt_test("sha512"); |
539 | break; | 547 | break; |
540 | 548 | ||
541 | case 13: | 549 | case 13: |
542 | tcrypt_test("deflate"); | 550 | ret += tcrypt_test("deflate"); |
543 | break; | 551 | break; |
544 | 552 | ||
545 | case 14: | 553 | case 14: |
546 | tcrypt_test("ecb(cast5)"); | 554 | ret += tcrypt_test("ecb(cast5)"); |
547 | break; | 555 | break; |
548 | 556 | ||
549 | case 15: | 557 | case 15: |
550 | tcrypt_test("ecb(cast6)"); | 558 | ret += tcrypt_test("ecb(cast6)"); |
551 | break; | 559 | break; |
552 | 560 | ||
553 | case 16: | 561 | case 16: |
554 | tcrypt_test("ecb(arc4)"); | 562 | ret += tcrypt_test("ecb(arc4)"); |
555 | break; | 563 | break; |
556 | 564 | ||
557 | case 17: | 565 | case 17: |
558 | tcrypt_test("michael_mic"); | 566 | ret += tcrypt_test("michael_mic"); |
559 | break; | 567 | break; |
560 | 568 | ||
561 | case 18: | 569 | case 18: |
562 | tcrypt_test("crc32c"); | 570 | ret += tcrypt_test("crc32c"); |
563 | break; | 571 | break; |
564 | 572 | ||
565 | case 19: | 573 | case 19: |
566 | tcrypt_test("ecb(tea)"); | 574 | ret += tcrypt_test("ecb(tea)"); |
567 | break; | 575 | break; |
568 | 576 | ||
569 | case 20: | 577 | case 20: |
570 | tcrypt_test("ecb(xtea)"); | 578 | ret += tcrypt_test("ecb(xtea)"); |
571 | break; | 579 | break; |
572 | 580 | ||
573 | case 21: | 581 | case 21: |
574 | tcrypt_test("ecb(khazad)"); | 582 | ret += tcrypt_test("ecb(khazad)"); |
575 | break; | 583 | break; |
576 | 584 | ||
577 | case 22: | 585 | case 22: |
578 | tcrypt_test("wp512"); | 586 | ret += tcrypt_test("wp512"); |
579 | break; | 587 | break; |
580 | 588 | ||
581 | case 23: | 589 | case 23: |
582 | tcrypt_test("wp384"); | 590 | ret += tcrypt_test("wp384"); |
583 | break; | 591 | break; |
584 | 592 | ||
585 | case 24: | 593 | case 24: |
586 | tcrypt_test("wp256"); | 594 | ret += tcrypt_test("wp256"); |
587 | break; | 595 | break; |
588 | 596 | ||
589 | case 25: | 597 | case 25: |
590 | tcrypt_test("ecb(tnepres)"); | 598 | ret += tcrypt_test("ecb(tnepres)"); |
591 | break; | 599 | break; |
592 | 600 | ||
593 | case 26: | 601 | case 26: |
594 | tcrypt_test("ecb(anubis)"); | 602 | ret += tcrypt_test("ecb(anubis)"); |
595 | tcrypt_test("cbc(anubis)"); | 603 | ret += tcrypt_test("cbc(anubis)"); |
596 | break; | 604 | break; |
597 | 605 | ||
598 | case 27: | 606 | case 27: |
599 | tcrypt_test("tgr192"); | 607 | ret += tcrypt_test("tgr192"); |
600 | break; | 608 | break; |
601 | 609 | ||
602 | case 28: | 610 | case 28: |
603 | 611 | ||
604 | tcrypt_test("tgr160"); | 612 | ret += tcrypt_test("tgr160"); |
605 | break; | 613 | break; |
606 | 614 | ||
607 | case 29: | 615 | case 29: |
608 | tcrypt_test("tgr128"); | 616 | ret += tcrypt_test("tgr128"); |
609 | break; | 617 | break; |
610 | 618 | ||
611 | case 30: | 619 | case 30: |
612 | tcrypt_test("ecb(xeta)"); | 620 | ret += tcrypt_test("ecb(xeta)"); |
613 | break; | 621 | break; |
614 | 622 | ||
615 | case 31: | 623 | case 31: |
616 | tcrypt_test("pcbc(fcrypt)"); | 624 | ret += tcrypt_test("pcbc(fcrypt)"); |
617 | break; | 625 | break; |
618 | 626 | ||
619 | case 32: | 627 | case 32: |
620 | tcrypt_test("ecb(camellia)"); | 628 | ret += tcrypt_test("ecb(camellia)"); |
621 | tcrypt_test("cbc(camellia)"); | 629 | ret += tcrypt_test("cbc(camellia)"); |
622 | break; | 630 | break; |
623 | case 33: | 631 | case 33: |
624 | tcrypt_test("sha224"); | 632 | ret += tcrypt_test("sha224"); |
625 | break; | 633 | break; |
626 | 634 | ||
627 | case 34: | 635 | case 34: |
628 | tcrypt_test("salsa20"); | 636 | ret += tcrypt_test("salsa20"); |
629 | break; | 637 | break; |
630 | 638 | ||
631 | case 35: | 639 | case 35: |
632 | tcrypt_test("gcm(aes)"); | 640 | ret += tcrypt_test("gcm(aes)"); |
633 | break; | 641 | break; |
634 | 642 | ||
635 | case 36: | 643 | case 36: |
636 | tcrypt_test("lzo"); | 644 | ret += tcrypt_test("lzo"); |
637 | break; | 645 | break; |
638 | 646 | ||
639 | case 37: | 647 | case 37: |
640 | tcrypt_test("ccm(aes)"); | 648 | ret += tcrypt_test("ccm(aes)"); |
641 | break; | 649 | break; |
642 | 650 | ||
643 | case 38: | 651 | case 38: |
644 | tcrypt_test("cts(cbc(aes))"); | 652 | ret += tcrypt_test("cts(cbc(aes))"); |
645 | break; | 653 | break; |
646 | 654 | ||
647 | case 39: | 655 | case 39: |
648 | tcrypt_test("rmd128"); | 656 | ret += tcrypt_test("rmd128"); |
649 | break; | 657 | break; |
650 | 658 | ||
651 | case 40: | 659 | case 40: |
652 | tcrypt_test("rmd160"); | 660 | ret += tcrypt_test("rmd160"); |
653 | break; | 661 | break; |
654 | 662 | ||
655 | case 41: | 663 | case 41: |
656 | tcrypt_test("rmd256"); | 664 | ret += tcrypt_test("rmd256"); |
657 | break; | 665 | break; |
658 | 666 | ||
659 | case 42: | 667 | case 42: |
660 | tcrypt_test("rmd320"); | 668 | ret += tcrypt_test("rmd320"); |
661 | break; | 669 | break; |
662 | 670 | ||
663 | case 43: | 671 | case 43: |
664 | tcrypt_test("ecb(seed)"); | 672 | ret += tcrypt_test("ecb(seed)"); |
665 | break; | 673 | break; |
666 | 674 | ||
667 | case 44: | 675 | case 44: |
668 | tcrypt_test("zlib"); | 676 | ret += tcrypt_test("zlib"); |
669 | break; | 677 | break; |
670 | 678 | ||
671 | case 45: | 679 | case 45: |
672 | tcrypt_test("rfc4309(ccm(aes))"); | 680 | ret += tcrypt_test("rfc4309(ccm(aes))"); |
673 | break; | 681 | break; |
674 | 682 | ||
675 | case 100: | 683 | case 100: |
676 | tcrypt_test("hmac(md5)"); | 684 | ret += tcrypt_test("hmac(md5)"); |
677 | break; | 685 | break; |
678 | 686 | ||
679 | case 101: | 687 | case 101: |
680 | tcrypt_test("hmac(sha1)"); | 688 | ret += tcrypt_test("hmac(sha1)"); |
681 | break; | 689 | break; |
682 | 690 | ||
683 | case 102: | 691 | case 102: |
684 | tcrypt_test("hmac(sha256)"); | 692 | ret += tcrypt_test("hmac(sha256)"); |
685 | break; | 693 | break; |
686 | 694 | ||
687 | case 103: | 695 | case 103: |
688 | tcrypt_test("hmac(sha384)"); | 696 | ret += tcrypt_test("hmac(sha384)"); |
689 | break; | 697 | break; |
690 | 698 | ||
691 | case 104: | 699 | case 104: |
692 | tcrypt_test("hmac(sha512)"); | 700 | ret += tcrypt_test("hmac(sha512)"); |
693 | break; | 701 | break; |
694 | 702 | ||
695 | case 105: | 703 | case 105: |
696 | tcrypt_test("hmac(sha224)"); | 704 | ret += tcrypt_test("hmac(sha224)"); |
697 | break; | 705 | break; |
698 | 706 | ||
699 | case 106: | 707 | case 106: |
700 | tcrypt_test("xcbc(aes)"); | 708 | ret += tcrypt_test("xcbc(aes)"); |
701 | break; | 709 | break; |
702 | 710 | ||
703 | case 107: | 711 | case 107: |
704 | tcrypt_test("hmac(rmd128)"); | 712 | ret += tcrypt_test("hmac(rmd128)"); |
705 | break; | 713 | break; |
706 | 714 | ||
707 | case 108: | 715 | case 108: |
708 | tcrypt_test("hmac(rmd160)"); | 716 | ret += tcrypt_test("hmac(rmd160)"); |
709 | break; | 717 | break; |
710 | 718 | ||
711 | case 150: | 719 | case 150: |
712 | tcrypt_test("ansi_cprng"); | 720 | ret += tcrypt_test("ansi_cprng"); |
713 | break; | 721 | break; |
714 | 722 | ||
715 | case 200: | 723 | case 200: |
@@ -873,6 +881,8 @@ static void do_test(int m) | |||
873 | test_available(); | 881 | test_available(); |
874 | break; | 882 | break; |
875 | } | 883 | } |
884 | |||
885 | return ret; | ||
876 | } | 886 | } |
877 | 887 | ||
878 | static int __init tcrypt_mod_init(void) | 888 | static int __init tcrypt_mod_init(void) |
@@ -886,15 +896,21 @@ static int __init tcrypt_mod_init(void) | |||
886 | goto err_free_tv; | 896 | goto err_free_tv; |
887 | } | 897 | } |
888 | 898 | ||
889 | do_test(mode); | 899 | err = do_test(mode); |
900 | if (err) { | ||
901 | printk(KERN_ERR "tcrypt: one or more tests failed!\n"); | ||
902 | goto err_free_tv; | ||
903 | } | ||
890 | 904 | ||
891 | /* We intentionaly return -EAGAIN to prevent keeping | 905 | /* We intentionaly return -EAGAIN to prevent keeping the module, |
892 | * the module. It does all its work from init() | 906 | * unless we're running in fips mode. It does all its work from |
893 | * and doesn't offer any runtime functionality | 907 | * init() and doesn't offer any runtime functionality, but in |
908 | * the fips case, checking for a successful load is helpful. | ||
894 | * => we don't need it in the memory, do we? | 909 | * => we don't need it in the memory, do we? |
895 | * -- mludvig | 910 | * -- mludvig |
896 | */ | 911 | */ |
897 | err = -EAGAIN; | 912 | if (!fips_enabled) |
913 | err = -EAGAIN; | ||
898 | 914 | ||
899 | err_free_tv: | 915 | err_free_tv: |
900 | for (i = 0; i < TVMEMSIZE && tvmem[i]; i++) | 916 | for (i = 0; i < TVMEMSIZE && tvmem[i]; i++) |