aboutsummaryrefslogtreecommitdiffstats
path: root/crypto/testmgr.c
diff options
context:
space:
mode:
authorWolfgang Wiedmeyer <wolfgit@wiedmeyer.de>2015-10-25 13:21:06 +0100
committerWolfgang Wiedmeyer <wolfgit@wiedmeyer.de>2015-10-25 13:21:06 +0100
commit81cf65ff6fa1af7199001a61ce126e57b64ce98a (patch)
tree71cce1dd8b8fd1e68ff8786dafd58fd2bec0b804 /crypto/testmgr.c
parent02352a56e21d0f215000c4cbb474c2cac5309661 (diff)
downloadkernel_samsung_smdk4412-81cf65ff6fa1af7199001a61ce126e57b64ce98a.zip
kernel_samsung_smdk4412-81cf65ff6fa1af7199001a61ce126e57b64ce98a.tar.gz
kernel_samsung_smdk4412-81cf65ff6fa1af7199001a61ce126e57b64ce98a.tar.bz2
crypto merged
Diffstat (limited to 'crypto/testmgr.c')
-rw-r--r--crypto/testmgr.c92
1 files changed, 15 insertions, 77 deletions
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 3a914c7..b6b93d4 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -30,7 +30,7 @@
#include "internal.h"
-#ifndef CONFIG_CRYPTO_MANAGER_TESTS
+#ifdef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS
/* a perfect nop */
int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
@@ -38,14 +38,6 @@ int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
return 0;
}
-#ifdef CONFIG_CRYPTO_FIPS
-bool in_fips_err()
-{
- return false;
-}
-EXPORT_SYMBOL_GPL(in_fips_err);
-#endif
-
#else
#include "testmgr.h"
@@ -73,12 +65,6 @@ EXPORT_SYMBOL_GPL(in_fips_err);
#define ENCRYPT 1
#define DECRYPT 0
-#ifdef CONFIG_CRYPTO_FIPS
-#define FIPS_ERR 1
-#define FIPS_NO_ERR 0
-static int IN_FIPS_ERROR = FIPS_NO_ERR;
-#endif
-
struct tcrypt_result {
struct completion completion;
int err;
@@ -140,19 +126,6 @@ struct alg_test_desc {
static unsigned int IDX[8] = { IDX1, IDX2, IDX3, IDX4, IDX5, IDX6, IDX7, IDX8 };
-#ifdef CONFIG_CRYPTO_FIPS
-bool in_fips_err()
-{
- return (IN_FIPS_ERROR == FIPS_ERR);
-}
-EXPORT_SYMBOL_GPL(in_fips_err);
-
-void set_in_fips_err()
-{
- IN_FIPS_ERROR = FIPS_ERR;
-}
-#endif
-
static void hexdump(unsigned char *buf, unsigned int len)
{
print_hex_dump(KERN_CONT, "", DUMP_PREFIX_OFFSET,
@@ -1719,9 +1692,7 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "ccm(aes)",
.test = alg_test_aead,
-#ifdef CONFIG_CRYPTO_CCM
.fips_allowed = 1,
-#endif
.suite = {
.aead = {
.enc = {
@@ -2090,9 +2061,7 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "gcm(aes)",
.test = alg_test_aead,
-#ifdef CONFIG_CRYPTO_GCM
.fips_allowed = 1,
-#endif
.suite = {
.aead = {
.enc = {
@@ -2108,6 +2077,7 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "ghash",
.test = alg_test_hash,
+ .fips_allowed = 1,
.suite = {
.hash = {
.vecs = ghash_tv_template,
@@ -2298,9 +2268,6 @@ static const struct alg_test_desc alg_test_descs[] = {
}, {
.alg = "rfc4106(gcm(aes))",
.test = alg_test_aead,
-#ifdef CONFIG_CRYPTO_GCM
- .fips_allowed = 1,
-#endif
.suite = {
.aead = {
.enc = {
@@ -2318,9 +2285,7 @@ static const struct alg_test_desc alg_test_descs[] = {
.alg = "rfc4309(ccm(aes))",
.test = alg_test_aead,
-#ifdef CONFIG_CRYPTO_CCM
.fips_allowed = 1,
-#endif
.suite = {
.aead = {
.enc = {
@@ -2565,10 +2530,7 @@ int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
{
int i;
int j;
- int rc = 0;
-#ifdef CONFIG_CRYPTO_FIPS
- fips_enabled = 1;
-#endif
+ int rc;
if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) {
char nalg[CRYPTO_MAX_ALG_NAME];
@@ -2593,6 +2555,11 @@ int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
if (i < 0 && j < 0)
goto notest;
+ if (fips_enabled && ((i >= 0 && !alg_test_descs[i].fips_allowed) ||
+ (j >= 0 && !alg_test_descs[j].fips_allowed)))
+ goto non_fips_alg;
+
+ rc = 0;
if (i >= 0)
rc |= alg_test_descs[i].test(alg_test_descs + i, driver,
type, mask);
@@ -2600,52 +2567,23 @@ int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
rc |= alg_test_descs[j].test(alg_test_descs + j, driver,
type, mask);
- if (fips_enabled && ((i >= 0 && !alg_test_descs[i].fips_allowed) ||
- (j >= 0 && !alg_test_descs[j].fips_allowed)))
- goto non_fips_alg;
-
test_done:
- if (fips_enabled && rc) {
- printk(KERN_INFO
- "FIPS: %s: %s alg self test failed\n",
- driver, alg);
-#ifdef CONFIG_CRYPTO_FIPS
- IN_FIPS_ERROR = FIPS_ERR;
-#endif
- return rc;
- }
+ if (fips_enabled && rc)
+ panic("%s: %s alg self test failed in fips mode!\n", driver, alg);
if (fips_enabled && !rc)
- printk(KERN_INFO "FIPS: self-tests for %s (%s) passed\n",
- driver, alg);
+ printk(KERN_INFO "alg: self-tests for %s (%s) passed\n",
+ driver, alg);
return rc;
notest:
- printk(KERN_INFO "FIPS: No test for %s (%s)\n", alg, driver);
+ printk(KERN_INFO "alg: No test for %s (%s)\n", alg, driver);
return 0;
non_fips_alg:
- if (!rc)
- printk(KERN_INFO
- "FIPS: self-tests for non-FIPS %s (%s) passed\n",
- driver, alg);
- else
- printk(KERN_INFO
- "FIPS: self-tests for non-FIPS %s (%s) failed\n",
- alg, driver);
- return rc;
-}
-
-int testmgr_crypto_proc_init(void)
-{
-#ifdef CONFIG_CRYPTO_FIPS
- crypto_init_proc(&IN_FIPS_ERROR);
-#else
- crypto_init_proc();
-#endif
- return 0;
+ return -EINVAL;
}
-#endif /* CONFIG_CRYPTO_MANAGER_TESTS */
+#endif /* CONFIG_CRYPTO_MANAGER_DISABLE_TESTS */
EXPORT_SYMBOL_GPL(alg_test);