iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/crypto
History
Jarod Wilson 002c77a48b crypto: fips - only panic on bad/missing crypto mod signatures 
Per further discussion with NIST, the requirements for FIPS state that
we only need to panic the system on failed kernel module signature checks
for crypto subsystem modules. This moves the fips-mode-only module
signature check out of the generic module loading code, into the crypto
subsystem, at points where we can catch both algorithm module loads and
mode module loads. At the same time, make CONFIG_CRYPTO_FIPS dependent on
CONFIG_MODULE_SIG, as this is entirely necessary for FIPS mode.

v2: remove extraneous blank line, perform checks in static inline
function, drop no longer necessary fips.h include.

CC: "David S. Miller" <davem@davemloft.net>
CC: Rusty Russell <rusty@rustcorp.com.au>
CC: Stephan Mueller <stephan.mueller@atsec.com>
Signed-off-by: Jarod Wilson <jarod@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2014-07-03 21:38:32 +08:00
..
asymmetric_keys
Revert "KEYS: verify a certificate is signed by a 'trusted' key"
2013-11-23 16:38:17 -08:00
async_tx
Merge commit 'dmaengine-3.13-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/djbw/dmaengine
2013-11-16 12:02:36 +05:30
842.c
crypto: 842 - remove .cra_list initialization
2012-09-07 04:17:06 +08:00
ablk_helper.c
crypto: ablk_helper - Replace memcpy with struct assignment
2013-10-07 14:16:57 +08:00
ablkcipher.c
crypto: skcipher - Use eseqiv even on UP machines
2013-10-30 09:51:45 +08:00
aead.c
crypto: user - fix info leaks in report API
2013-02-19 20:27:03 +08:00
aes_generic.c
crypto: make tables used from assembler __visible
2013-08-14 20:42:03 +10:00
af_alg.c
tree-wide: use reinit_completion instead of INIT_COMPLETION
2013-11-15 09:32:21 +09:00
ahash.c
crypto: hash - Add real ahash walk interface
2014-05-21 20:56:12 +08:00
algapi.c
crypto: fips - only panic on bad/missing crypto mod signatures
2014-07-03 21:38:32 +08:00
algboss.c
crypto: algboss - Hold ref count on larval
2013-06-25 19:15:17 +08:00
algif_hash.c
net: update consumers of MSG_MORE to recognize MSG_SENDPAGE_NOTLAST
2013-11-29 16:32:54 -05:00
algif_skcipher.c
net: update consumers of MSG_MORE to recognize MSG_SENDPAGE_NOTLAST
2013-11-29 16:32:54 -05:00
ansi_cprng.c
crypto: ansi_cprng - Fix off by one error in non-block size request
2013-09-24 06:02:23 +10:00
anubis.c
crypto: cleanup - remove unneeded crypto_alg.cra_list initializations
2012-08-01 17:47:27 +08:00
api.c
crypto: api - Fix race condition in larval lookup
2013-09-08 14:33:50 +10:00
arc4.c
crypto: arc4 - improve performance by using u32 for ctx and variables
2012-06-14 10:07:23 +08:00
authenc.c
crypto: authenc - Find proper IV address in ablkcipher callback
2013-11-28 22:16:23 +08:00
authencesn.c
crypto: authencesn - Simplify key parsing
2013-10-16 20:56:25 +08:00
blkcipher.c
crypto: allow blkcipher walks over AEAD data
2014-03-10 20:17:11 +08:00
blowfish_common.c
crypto: blowfish - split generic and common c code
2011-09-22 21:25:25 +10:00
blowfish_generic.c
crypto: cleanup - remove unneeded crypto_alg.cra_list initializations
2012-08-01 17:47:27 +08:00
camellia_generic.c
crypto: camellia_generic - replace commas by semicolons and adjust code alignment
2013-08-21 21:08:33 +10:00
cast5_generic.c
crypto: cast5/cast6 - move lookup tables to shared module
2012-12-06 17:16:26 +08:00
cast6_generic.c
crypto: cast5/cast6 - move lookup tables to shared module
2012-12-06 17:16:26 +08:00
cast_common.c
crypto: make tables used from assembler __visible
2013-08-14 20:42:03 +10:00
cbc.c
Convert ERR_PTR(PTR_ERR(p)) instances to ERR_CAST(p)
2008-02-07 08:42:26 -08:00
ccm.c
crypto: ccm - Fix handling of zero plaintext when computing mac
2013-11-28 22:25:17 +08:00
chainiv.c
arch: Mass conversion of smp_mb__*()
2014-04-18 14:20:48 +02:00
cipher.c
crypto: cipher - Fix checkpatch errors
2010-02-16 20:31:37 +08:00
cmac.c
crypto: add CMAC support to CryptoAPI
2013-04-25 21:01:47 +08:00
compress.c
crypto: compress - Fix checkpatch errors
2010-02-16 20:31:04 +08:00
crc32.c
crypto: crc32 - add crc32 pclmulqdq implementation and wrappers for table implementation
2013-01-20 10:16:45 +11:00
crc32c_generic.c
CRC32C: Add soft module dependency to load other accelerated crc32c modules
2014-02-25 19:45:04 +08:00
crct10dif_common.c
crypto: crct10dif - Add fallback for broken initrds
2013-09-12 15:31:34 +10:00
crct10dif_generic.c
crypto: crct10dif - Add fallback for broken initrds
2013-09-12 15:31:34 +10:00
cryptd.c
crypto: cryptd - disable softirqs in cryptd_queue_worker to prevent data corruption
2012-10-24 21:21:18 +08:00
crypto_null.c
crypto: export NULL algorithms defines
2014-03-21 21:54:26 +08:00
crypto_user.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6 into next
2014-06-07 19:44:40 -07:00
crypto_wq.c
crypto: crypto_wq - Fix late crypto work queue initialization
2014-03-21 21:54:28 +08:00
ctr.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
2013-02-25 15:56:15 -08:00
cts.c
crypto: use ERR_CAST
2013-02-04 21:16:53 +08:00
deflate.c
crypto: cleanup - remove unneeded crypto_alg.cra_list initializations
2012-08-01 17:47:27 +08:00
des_generic.c
crypto: des_3des - add x86-64 assembly implementation
2014-06-20 21:27:58 +08:00
drbg.c
crypto: drbg - simplify ordering of linked list in drbg_ctr_df
2014-06-26 14:46:31 +08:00
ecb.c
crypto: ecb - Fix checkpatch errors
2010-02-16 20:33:49 +08:00
eseqiv.c
crypto: Use scatterwalk_crypto_chain
2010-12-02 14:47:16 +08:00
fcrypt.c
crypto: fcrypt - Fix bitoperation for compilation with clang
2013-09-02 20:32:58 +10:00
fips.c
crypto: api - Add fips_enable flag
2008-08-29 15:50:02 +10:00
gcm.c
crypto: crypto_memneq - add equality testing of memory regions w/o timing leaks
2013-10-07 14:17:06 +08:00
gf128mul.c
crypto: gf128mul - fix call to memset()
2011-07-08 17:21:21 +08:00
ghash-generic.c
crypto: cleanup - remove unneeded crypto_alg.cra_list initializations
2012-08-01 17:47:27 +08:00
hash_info.c
crypto: provide single place for hash algo information
2013-10-25 17:14:03 -04:00
hmac.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
internal.h
crypto: algboss - Hold ref count on larval
2013-06-25 19:15:17 +08:00
Kconfig
crypto: fips - only panic on bad/missing crypto mod signatures
2014-07-03 21:38:32 +08:00
khazad.c
crypto: cleanup - remove unneeded crypto_alg.cra_list initializations
2012-08-01 17:47:27 +08:00
krng.c
crypto: cleanup - remove unneeded crypto_alg.cra_list initializations
2012-08-01 17:47:27 +08:00
lrw.c
crypto: lrw - add interface for parallelized cipher implementions
2011-11-09 11:50:31 +08:00
lz4.c
crypto: add lz4 Cryptographic API
2013-07-09 10:33:30 -07:00
lz4hc.c
crypto: add lz4 Cryptographic API
2013-07-09 10:33:30 -07:00
lzo.c
crypto: lzo - use kvfree() helper
2014-06-25 21:51:53 +08:00
Makefile
crypto: drbg - compile the DRBG code
2014-06-20 21:26:10 +08:00
md4.c
crypto: add module.h to those files that are explicitly using it
2011-10-31 19:31:11 -04:00
md5.c
crypto: Move md5_transform to lib/md5.c
2011-08-06 18:32:45 -07:00
memneq.c
crypto: memneq - fix for archs without efficient unaligned access
2013-12-09 20:09:12 +08:00
michael_mic.c
crypto: michael_mic - Switch to shash
2008-12-25 11:02:24 +11:00
pcbc.c
Convert ERR_PTR(PTR_ERR(p)) instances to ERR_CAST(p)
2008-02-07 08:42:26 -08:00
pcompress.c
crypto: user - fix info leaks in report API
2013-02-19 20:27:03 +08:00
pcrypt.c
crypto: pcrypt - Fix wrong usage of rcu_dereference()
2013-12-05 21:28:42 +08:00
proc.c
crypto: add module.h to those files that are explicitly using it
2011-10-31 19:31:11 -04:00
ripemd.h
[CRYPTO] ripemd: Put all common RIPEMD values in header file
2008-07-10 20:35:12 +08:00
rmd128.c
crypto: ripemd - Set module author and update email address
2011-01-04 23:34:03 +11:00
rmd160.c
crypto: ripemd - Set module author and update email address
2011-01-04 23:34:03 +11:00
rmd256.c
crypto: ripemd - Set module author and update email address
2011-01-04 23:34:03 +11:00
rmd320.c
crypto: ripemd - Set module author and update email address
2011-01-04 23:34:03 +11:00
rng.c
crypto: user - fix info leaks in report API
2013-02-19 20:27:03 +08:00
salsa20_generic.c
crypto: cleanup - remove unneeded crypto_alg.cra_list initializations
2012-08-01 17:47:27 +08:00
scatterwalk.c
crypto: scatterwalk - Add support for calculating number of SG elements
2013-08-21 21:27:58 +10:00
seed.c
crypto: cleanup - remove unneeded crypto_alg.cra_list initializations
2012-08-01 17:47:27 +08:00
seqiv.c
crypto: use ERR_CAST
2013-02-04 21:16:53 +08:00
serpent_generic.c
crypto: serpent - use crypto_[un]register_algs
2012-08-01 17:47:25 +08:00
sha1_generic.c
crypto: sha1 - export sha1_update for reuse
2011-08-10 19:00:28 +08:00
sha256_generic.c
crypto: sha256 - Expose SHA256 generic routine to be callable externally.
2013-04-03 09:06:31 +08:00
sha512_generic.c
crypto: sha512_generic - set cra_driver_name
2013-05-28 15:43:04 +08:00
shash.c
crypto: LLVMLinux: aligned-attribute.patch
2014-06-07 11:44:39 -07:00
tcrypt.c
crypto: tcrypt - add ctr(des3_ede) sync speed test
2014-06-20 21:27:57 +08:00
tcrypt.h
crypto: tcrypt - Added speed tests for AEAD crypto alogrithms in tcrypt test suite
2013-12-20 20:06:25 +08:00
tea.c
crypto: tea - use crypto_[un]register_algs
2012-08-01 17:47:24 +08:00
testmgr.c
crypto: drbg - Add DRBG test code to testmgr
2014-06-20 21:26:10 +08:00
testmgr.h
crypto: testmgr - add 4 more test vectors for GHASH
2014-06-21 01:59:29 +08:00
tgr192.c
crypto: tiger - use crypto_[un]register_shashes
2012-08-01 17:47:26 +08:00
twofish_common.c
crypto: twofish-x86_64-3way - add lrw support
2011-11-09 11:53:32 +08:00
twofish_generic.c
crypto: cleanup - remove unneeded crypto_alg.cra_list initializations
2012-08-01 17:47:27 +08:00
vmac.c
crypto: vmac - Make VMAC work when blocks aren't aligned
2012-10-15 22:33:20 +08:00
wp512.c
crypto: whirlpool - use crypto_[un]register_shashes
2012-08-01 17:47:27 +08:00
xcbc.c
crypto: add module.h to those files that are explicitly using it
2011-10-31 19:31:11 -04:00
xor.c
add further __init annotations to crypto/xor.c
2012-10-11 13:42:32 +11:00
xts.c
crypto: xts: add interface for parallelized cipher implementations
2011-11-09 11:56:06 +08:00
zlib.c
net+crypto: Use vmalloc for zlib inflate buffers.
2011-06-29 05:48:41 -07:00