diff options
| author | Neil Horman <nhorman@tuxdriver.com> | 2009-06-18 07:50:21 -0400 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2009-06-18 07:50:21 -0400 |
| commit | 5b739ef8a4e8cf5201d21abff897e292c232477b (patch) | |
| tree | 6301126016ad869997b4ef31973999e16049dfeb /crypto | |
| parent | b6f34d44cb341ad32f08717d1a2c418e6053a031 (diff) | |
random: Add optional continuous repetition test to entropy store based rngs
FIPS-140 requires that all random number generators implement continuous self
tests in which each extracted block of data is compared against the last block
for repetition. The ansi_cprng implements such a test, but it would be nice if
the hw rng's did the same thing. Obviously its not something thats always
needed, but it seems like it would be a nice feature to have on occasion. I've
written the below patch which allows individual entropy stores to be flagged as
desiring a continuous test to be run on them as is extracted. By default this
option is off, but is enabled in the event that fips mode is selected during
bootup.
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Acked-by: Matt Mackall <mpm@selenic.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/internal.h | 7 |
1 files changed, 1 insertions, 6 deletions
diff --git a/crypto/internal.h b/crypto/internal.h index 113579a82dff..95baaea21fbc 100644 --- a/crypto/internal.h +++ b/crypto/internal.h | |||
| @@ -25,12 +25,7 @@ | |||
| 25 | #include <linux/notifier.h> | 25 | #include <linux/notifier.h> |
| 26 | #include <linux/rwsem.h> | 26 | #include <linux/rwsem.h> |
| 27 | #include <linux/slab.h> | 27 | #include <linux/slab.h> |
| 28 | 28 | #include <linux/fips.h> | |
| 29 | #ifdef CONFIG_CRYPTO_FIPS | ||
| 30 | extern int fips_enabled; | ||
| 31 | #else | ||
| 32 | #define fips_enabled 0 | ||
| 33 | #endif | ||
| 34 | 29 | ||
| 35 | /* Crypto notification events. */ | 30 | /* Crypto notification events. */ |
| 36 | enum { | 31 | enum { |