From patchwork Thu Dec 29 20:37:02 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vladis Dronov X-Patchwork-Id: 3399 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4e01:0:0:0:0:0 with SMTP id p1csp2580987wrt; Thu, 29 Dec 2022 12:40:19 -0800 (PST) X-Google-Smtp-Source: AMrXdXvQHWfZmqTQUoiH6DoVEAHdK1gjWLDzYO/WzqVyUEBF/5GAs3K6b3A3tns10QMLNNbYhdj4 X-Received: by 2002:a05:6402:1944:b0:45c:835c:1ecc with SMTP id f4-20020a056402194400b0045c835c1eccmr30641780edz.26.1672346418848; Thu, 29 Dec 2022 12:40:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1672346418; cv=none; d=google.com; s=arc-20160816; b=fGXf10yY+H7Ce0SxjcB83HQJmq06q0ivxAmS4DBMYd5gDZRsqFdukb3wreQVHNkpNc Eu3rEE/iEsBHglMyHu8fOLHiiQQ8sZZzXAW4DtGyX3t2eEWeMskB2EkBDI8F17fo0A99 8vsR1mAx1q81q1vYqdVykog7iNxoT9sSgbH6IkJCn8KZyoLG1HwugHMarF7GPM4zUdrS Cb37NB26tNP+p2dZxOyzVdrPIm60VTvYmsLocVhEpTDBByNFzvKBwi4kI/KzwJIyRLsm yPR7paLXrkMttXo1z8lvSMtj/zkQwu4sOMqvvMgdO9CiR3enuf8oF2JnE+QkUl0DcGud ngaQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=CxtpMgRv0k0qCDaERH6Q08EjUCmn4oR74f97lfTFabI=; b=UNvC2rxRnjn0D9JhffR+BJObY0i/C6KZ2dfTv21dargDR98h7y0AFqmDzDkndMErXl 68vInLDWVpucaCpEPVofPQrRYMtEHDswCCkJUImxmILLt226yednq9sKa4mJU+nl48c8 oVxokprE/EumbgygnmPs7727vk70NEC+y1cCJNkfLfsUsarln4C2H1JDSHIXHp42fge7 6THhilXmdIeBy22FxwxgfYNSAi6HF4uAvVO6WavEUYnP87NTDuqoNOv62Y1PVFbhmNjO VDZtuQFu47VOTy881ic1tr2rmyFC5nxTnO6hNlZLmrhHAsQ15JSIC1bUfI/3QadtUCLF iwZA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=CQm9upLu; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id wg1-20020a17090705c100b008327270a7e0si15952365ejb.65.2022.12.29.12.39.54; Thu, 29 Dec 2022 12:40:18 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=CQm9upLu; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234031AbiL2Uj2 (ORCPT + 99 others); Thu, 29 Dec 2022 15:39:28 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51410 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234092AbiL2Uic (ORCPT ); Thu, 29 Dec 2022 15:38:32 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EB17917059 for ; Thu, 29 Dec 2022 12:37:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1672346264; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CxtpMgRv0k0qCDaERH6Q08EjUCmn4oR74f97lfTFabI=; b=CQm9upLuMj3t89XZtgxVF2+ZML5v/LnPTHntpR+pbwU0FWJ1WAppOdyA/PH0XNV2Mu6K73 TlXblsMzrr7wjiCqKTyJ6/QyAyM7Q+Lpbzj+t5lryxV9Xc5CCNwXfYJiG3iWRCE24hf9b1 S3+y/HLX4r3vvko9RoF3U4JQlR5Q6mc= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-624-OqHRH9skM9qLEFXXrqUGOA-1; Thu, 29 Dec 2022 15:37:40 -0500 X-MC-Unique: OqHRH9skM9qLEFXXrqUGOA-1 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5CEB68F6E88; Thu, 29 Dec 2022 20:37:40 +0000 (UTC) Received: from rules.brq.redhat.com (ovpn-208-2.brq.redhat.com [10.40.208.2]) by smtp.corp.redhat.com (Postfix) with ESMTP id BCB9C1121339; Thu, 29 Dec 2022 20:37:37 +0000 (UTC) From: Vladis Dronov To: Herbert Xu , "David S . Miller" Cc: Nicolai Stange , Elliott Robert , Stephan Mueller , Eric Biggers , linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Vladis Dronov Subject: [PATCH v2 0/6] Trivial set of FIPS 140-3 related changes Date: Thu, 29 Dec 2022 21:37:02 +0100 Message-Id: <20221229203708.13628-1-vdronov@redhat.com> MIME-Version: 1.0 Content-type: text/plain X-Scanned-By: MIMEDefang 3.1 on 10.11.54.3 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1753582318724313950?= X-GMAIL-MSGID: =?utf-8?q?1753582318724313950?= Hi, This patchset and cover letter was initially composed by Nicolai Stange and sent earlier as: https://lore.kernel.org/r/20221108142025.13461-1-nstange@suse.de/ with a subject: [PATCH 0/4] Trivial set of FIPS 140-3 related changes I'm adding patches 2 and 3 which (I hope) resolve issues spotted by reviewers of previous version of the patchset. This new patchset should ease our future kernel work on the FIPS mode. I'm quoting Nicolai's cover letter here: > Hi all, > > these four rather unrelated patches are basically a dump of some of the > more trivial changes required for working towards FIPS 140-3 conformance. > > Please pick as you deem appropriate. > > Thanks! > > Nicolai v2: - fixed a block comment formatting - "Reviewed-by: Eric Biggers" was copied from the v1 thread: https://lore.kernel.org/r/Y6OXuT95MlkNanSR@sol.localdomain/ Nicolai Stange (4): crypto: xts - restrict key lengths to approved values in FIPS mode crypto: testmgr - disallow plain cbcmac(aes) in FIPS mode crypto: testmgr - disallow plain ghash in FIPS mode crypto: testmgr - allow ecdsa-nist-p256 and -p384 in FIPS mode Vladis Dronov (2): crypto: xts - drop xts_check_key() crypto: xts - drop redundant xts key check arch/s390/crypto/aes_s390.c | 4 --- arch/s390/crypto/paes_s390.c | 2 +- crypto/testmgr.c | 4 +-- drivers/crypto/atmel-aes.c | 2 +- drivers/crypto/axis/artpec6_crypto.c | 2 +- drivers/crypto/cavium/cpt/cptvf_algs.c | 8 +++--- .../crypto/cavium/nitrox/nitrox_skcipher.c | 8 +++--- drivers/crypto/ccree/cc_cipher.c | 2 +- .../crypto/marvell/octeontx/otx_cptvf_algs.c | 2 +- .../marvell/octeontx2/otx2_cptvf_algs.c | 2 +- include/crypto/xts.h | 25 +++++++------------ 11 files changed, 23 insertions(+), 38 deletions(-) base-commit: b6bb9676f2165d518b35ba3bea5f1fcfc0d969bf