diff options
author | Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de> | 2015-10-25 13:21:06 +0100 |
---|---|---|
committer | Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de> | 2015-10-25 13:21:06 +0100 |
commit | 81cf65ff6fa1af7199001a61ce126e57b64ce98a (patch) | |
tree | 71cce1dd8b8fd1e68ff8786dafd58fd2bec0b804 /crypto/testmgr.c | |
parent | 02352a56e21d0f215000c4cbb474c2cac5309661 (diff) | |
download | kernel_samsung_smdk4412-81cf65ff6fa1af7199001a61ce126e57b64ce98a.zip kernel_samsung_smdk4412-81cf65ff6fa1af7199001a61ce126e57b64ce98a.tar.gz kernel_samsung_smdk4412-81cf65ff6fa1af7199001a61ce126e57b64ce98a.tar.bz2 |
crypto merged
Diffstat (limited to 'crypto/testmgr.c')
-rw-r--r-- | crypto/testmgr.c | 92 |
1 files changed, 15 insertions, 77 deletions
diff --git a/crypto/testmgr.c b/crypto/testmgr.c index 3a914c7..b6b93d4 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -30,7 +30,7 @@ #include "internal.h" -#ifndef CONFIG_CRYPTO_MANAGER_TESTS +#ifdef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS /* a perfect nop */ int alg_test(const char *driver, const char *alg, u32 type, u32 mask) @@ -38,14 +38,6 @@ int alg_test(const char *driver, const char *alg, u32 type, u32 mask) return 0; } -#ifdef CONFIG_CRYPTO_FIPS -bool in_fips_err() -{ - return false; -} -EXPORT_SYMBOL_GPL(in_fips_err); -#endif - #else #include "testmgr.h" @@ -73,12 +65,6 @@ EXPORT_SYMBOL_GPL(in_fips_err); #define ENCRYPT 1 #define DECRYPT 0 -#ifdef CONFIG_CRYPTO_FIPS -#define FIPS_ERR 1 -#define FIPS_NO_ERR 0 -static int IN_FIPS_ERROR = FIPS_NO_ERR; -#endif - struct tcrypt_result { struct completion completion; int err; @@ -140,19 +126,6 @@ struct alg_test_desc { static unsigned int IDX[8] = { IDX1, IDX2, IDX3, IDX4, IDX5, IDX6, IDX7, IDX8 }; -#ifdef CONFIG_CRYPTO_FIPS -bool in_fips_err() -{ - return (IN_FIPS_ERROR == FIPS_ERR); -} -EXPORT_SYMBOL_GPL(in_fips_err); - -void set_in_fips_err() -{ - IN_FIPS_ERROR = FIPS_ERR; -} -#endif - static void hexdump(unsigned char *buf, unsigned int len) { print_hex_dump(KERN_CONT, "", DUMP_PREFIX_OFFSET, @@ -1719,9 +1692,7 @@ static const struct alg_test_desc alg_test_descs[] = { }, { .alg = "ccm(aes)", .test = alg_test_aead, -#ifdef CONFIG_CRYPTO_CCM .fips_allowed = 1, -#endif .suite = { .aead = { .enc = { @@ -2090,9 +2061,7 @@ static const struct alg_test_desc alg_test_descs[] = { }, { .alg = "gcm(aes)", .test = alg_test_aead, -#ifdef CONFIG_CRYPTO_GCM .fips_allowed = 1, -#endif .suite = { .aead = { .enc = { @@ -2108,6 +2077,7 @@ static const struct alg_test_desc alg_test_descs[] = { }, { .alg = "ghash", .test = alg_test_hash, + .fips_allowed = 1, .suite = { .hash = { .vecs = ghash_tv_template, @@ -2298,9 +2268,6 @@ static const struct alg_test_desc alg_test_descs[] = { }, { .alg = "rfc4106(gcm(aes))", .test = alg_test_aead, -#ifdef CONFIG_CRYPTO_GCM - .fips_allowed = 1, -#endif .suite = { .aead = { .enc = { @@ -2318,9 +2285,7 @@ static const struct alg_test_desc alg_test_descs[] = { .alg = "rfc4309(ccm(aes))", .test = alg_test_aead, -#ifdef CONFIG_CRYPTO_CCM .fips_allowed = 1, -#endif .suite = { .aead = { .enc = { @@ -2565,10 +2530,7 @@ int alg_test(const char *driver, const char *alg, u32 type, u32 mask) { int i; int j; - int rc = 0; -#ifdef CONFIG_CRYPTO_FIPS - fips_enabled = 1; -#endif + int rc; if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) { char nalg[CRYPTO_MAX_ALG_NAME]; @@ -2593,6 +2555,11 @@ int alg_test(const char *driver, const char *alg, u32 type, u32 mask) if (i < 0 && j < 0) goto notest; + if (fips_enabled && ((i >= 0 && !alg_test_descs[i].fips_allowed) || + (j >= 0 && !alg_test_descs[j].fips_allowed))) + goto non_fips_alg; + + rc = 0; if (i >= 0) rc |= alg_test_descs[i].test(alg_test_descs + i, driver, type, mask); @@ -2600,52 +2567,23 @@ int alg_test(const char *driver, const char *alg, u32 type, u32 mask) rc |= alg_test_descs[j].test(alg_test_descs + j, driver, type, mask); - if (fips_enabled && ((i >= 0 && !alg_test_descs[i].fips_allowed) || - (j >= 0 && !alg_test_descs[j].fips_allowed))) - goto non_fips_alg; - test_done: - if (fips_enabled && rc) { - printk(KERN_INFO - "FIPS: %s: %s alg self test failed\n", - driver, alg); -#ifdef CONFIG_CRYPTO_FIPS - IN_FIPS_ERROR = FIPS_ERR; -#endif - return rc; - } + if (fips_enabled && rc) + panic("%s: %s alg self test failed in fips mode!\n", driver, alg); if (fips_enabled && !rc) - printk(KERN_INFO "FIPS: self-tests for %s (%s) passed\n", - driver, alg); + printk(KERN_INFO "alg: self-tests for %s (%s) passed\n", + driver, alg); return rc; notest: - printk(KERN_INFO "FIPS: No test for %s (%s)\n", alg, driver); + printk(KERN_INFO "alg: No test for %s (%s)\n", alg, driver); return 0; non_fips_alg: - if (!rc) - printk(KERN_INFO - "FIPS: self-tests for non-FIPS %s (%s) passed\n", - driver, alg); - else - printk(KERN_INFO - "FIPS: self-tests for non-FIPS %s (%s) failed\n", - alg, driver); - return rc; -} - -int testmgr_crypto_proc_init(void) -{ -#ifdef CONFIG_CRYPTO_FIPS - crypto_init_proc(&IN_FIPS_ERROR); -#else - crypto_init_proc(); -#endif - return 0; + return -EINVAL; } -#endif /* CONFIG_CRYPTO_MANAGER_TESTS */ +#endif /* CONFIG_CRYPTO_MANAGER_DISABLE_TESTS */ EXPORT_SYMBOL_GPL(alg_test); |