| Message ID | 20231029204823.663930-2-dimitri.ledkov@canonical.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:d641:0:b0:403:3b70:6f57 with SMTP id cy1csp1850341vqb;
Sun, 29 Oct 2023 13:49:11 -0700 (PDT)
X-Google-Smtp-Source:
AGHT+IGtU33K9vZkcIKid5g8azCvuO5uBueH8D2sdjAql5heJnY3xUeu8DW+2tdLUJ3bW6gcOZ8p
X-Received: by 2002:a05:6a20:6a10:b0:16b:d853:9a10 with SMTP id
p16-20020a056a206a1000b0016bd8539a10mr11433684pzk.39.1698612551259;
Sun, 29 Oct 2023 13:49:11 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1698612551; cv=none;
d=google.com; s=arc-20160816;
b=szbONsV9mBB9RumSMSeJitZHuCkt+OO+NCH16Wb2A1PcHR636GoSnQ/6L0xc833uG6
JA414FCkwdUqxQn6tDnjSbftEkdMoQcJy9Oc/7TK4N/xlzCkxwE9hkocTyuLxj+1bVdq
HLcswoxQWFEfGPOjiqNM+smuEXcMOyuYhofCXpaMEYoPB0fa8/rcHskUIbKJWwmWipkF
0Q+UukkCeb70NXfrSXEQGsActNAwiadGCYr6gwEEu1EdLBjJ5sQb724AMQVTy2JdHCCc
Lh14X0irmil5SQmEalSTx66ZJYSmIpl58cfq++DAU88SytyZt5hX6D5sixgDuCAcvJhN
aaFg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:references:in-reply-to:message-id:date:subject:cc:to:from
:dkim-signature;
bh=SH87ZmKIdF7eMR0VODUq6DUDb+J0CZk1+c70eMvKp34=;
fh=GbauwlMJ5/XUYlmlVXsHUtFD6YE/+ncF76Wc5tNLmY0=;
b=O5p3jVcN5BZ3kkIxbWnqqXBAP65ypZKoZhCzGgXPw7KJqEUCx02cLdV58y8Cz+e5hw
v2Y1/ezle/3E3P4nP5NTiKHnRTXwuoZpXW9/QHJj3AoKwsfHnbp40NfXKnP6ymnYpVBe
J+Noc/cio078EvAEyg4ibnSe3JEo9ytqOlAEqMuUMPHVqMtxAOVcNgp5AbBMbOEp64qU
YVtFUUYPq6mI9tv2A8mffWxvSpmXjiAJyYxWXV/gkJYHe8M2RFjVL8eLTTCxEHm5u6Ho
Izqi2DEBq2/0bWExUsyPu1htE+b3j0angPJrslkD7pkzDaeSZByE2dohYOJmXthHPOPz
tp8g==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@canonical.com header.s=20210705 header.b=a4yP+dDL;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 23.128.96.33 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=canonical.com
Received: from lipwig.vger.email (lipwig.vger.email. [23.128.96.33])
by mx.google.com with ESMTPS id
f22-20020a635556000000b005b81f21a25csi4013523pgm.830.2023.10.29.13.49.10
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Sun, 29 Oct 2023 13:49:11 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 23.128.96.33 as permitted sender) client-ip=23.128.96.33;
Authentication-Results: mx.google.com;
dkim=pass header.i=@canonical.com header.s=20210705 header.b=a4yP+dDL;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 23.128.96.33 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=canonical.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
by lipwig.vger.email (Postfix) with ESMTP id 52635806302D;
Sun, 29 Oct 2023 13:49:06 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at lipwig.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S230432AbjJ2Usw (ORCPT <rfc822;fengqi706@gmail.com> + 30 others);
Sun, 29 Oct 2023 16:48:52 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51226 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S230338AbjJ2Uso (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Sun, 29 Oct 2023 16:48:44 -0400
Received: from smtp-relay-internal-1.canonical.com
(smtp-relay-internal-1.canonical.com [185.125.188.123])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 92071C4
for <linux-kernel@vger.kernel.org>;
Sun, 29 Oct 2023 13:48:41 -0700 (PDT)
Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com
[209.85.128.70])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits)
server-digest SHA256)
(No client certificate requested)
by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id
F39D53F36A
for <linux-kernel@vger.kernel.org>;
Sun, 29 Oct 2023 20:48:36 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com;
s=20210705; t=1698612517;
bh=SH87ZmKIdF7eMR0VODUq6DUDb+J0CZk1+c70eMvKp34=;
h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:
MIME-Version;
b=a4yP+dDLtTWpzjKncI0+02tYIy+9ovORaYZC7yn/dZiHSJI8pyewFc0b3SWN86oAA
WfJK+kIrI7ePw8MbriTv2wlU5ZjyLhW0Jju3q7/4iwhVDfhUcwAkWrgJ/B/UFJc4NZ
f7IL8pKQ0+2QxG7kwCXvS5UfxFIml4IV9KhTwTDbxppP7Nh+9MwzY249eCXfPf9dqP
L3TLsHO/rRGdZ4yZ6sOKLiAteGDqGYwZ+trbrf0cO/htD3uKDoK08MU5XoTqtY3bNA
CCMPZdt5wBNupdghX2pw1Bvi9D105hV7wPVECjgFTGmo+WUIAKSareyTYbRuq7S6HR
t6CQxo4tDVl0Q==
Received: by mail-wm1-f70.google.com with SMTP id
5b1f17b1804b1-4083c9b426fso26809625e9.2
for <linux-kernel@vger.kernel.org>;
Sun, 29 Oct 2023 13:48:36 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1698612515; x=1699217315;
h=content-transfer-encoding:mime-version:references:in-reply-to
:message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
:subject:date:message-id:reply-to;
bh=SH87ZmKIdF7eMR0VODUq6DUDb+J0CZk1+c70eMvKp34=;
b=Wmix6XUPqzBk9a3j2Mhgj/7wiiHhw+hyVxZdJopGS7UgiV/eUnw46oTin/Tb6Dp+4L
IUJjdv80xdfpy6FnYckC46BZ6/xw5l/CBx25zeT/Xui87ANZF0OkP+F8KfwWmwWqb8An
D/RagP5q1NpD1vrGaPTMEjyxcn3Sanj83e77O6whUrNrqv5aw/xOV9xjFWysSSj9XcW6
/4PDdztxzaxX2D1WBAht6J6IrIGYpwSQlliCeCeMxZYnz47RdqazoRnwpuYe5KNTpTff
5ENWac4GmRrMYHlk0U4a/H9ZPWPbOrwQmJltIwsKDalGTObkYShwPF7lmAzXDNuzMJCd
N+pA==
X-Gm-Message-State: AOJu0YzJrclVDH6WuhkiylutWMumqDsEcHYiWXV7viQL3G+Us3TgTBk0
bfhC8uSXLRO5ZrWPzR8q1MmmyfNM8ZljQ85Vr/Zk4Els34WTrMZFObHrmP2frnZkX0RkTyshekE
tyB+ra733A0RvN0w8tR3OHML0oYGqpL11GDUTa8bf8g==
X-Received: by 2002:a05:600c:3ca4:b0:405:36d7:4582 with SMTP id
bg36-20020a05600c3ca400b0040536d74582mr7000437wmb.15.1698612515193;
Sun, 29 Oct 2023 13:48:35 -0700 (PDT)
X-Received: by 2002:a05:600c:3ca4:b0:405:36d7:4582 with SMTP id
bg36-20020a05600c3ca400b0040536d74582mr7000424wmb.15.1698612514721;
Sun, 29 Oct 2023 13:48:34 -0700 (PDT)
Received: from localhost ([2001:67c:1560:8007::aac:c15c])
by smtp.gmail.com with ESMTPSA id
o13-20020a05600c510d00b003fe15ac0934sm4346423wms.1.2023.10.29.13.48.34
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Sun, 29 Oct 2023 13:48:34 -0700 (PDT)
From: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
To: Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
Stephan Mueller <smueller@chronox.de>
Cc: simo@redhat.com, linux-crypto@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH 2/4] crypto: drbg - update FIPS CTR self-checks to aes256
Date: Sun, 29 Oct 2023 22:48:21 +0200
Message-Id: <20231029204823.663930-2-dimitri.ledkov@canonical.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20231029204823.663930-1-dimitri.ledkov@canonical.com>
References: <20231029204823.663930-1-dimitri.ledkov@canonical.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-1.3 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]);
Sun, 29 Oct 2023 13:49:06 -0700 (PDT)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1781124354645458897
X-GMAIL-MSGID: 1781124354645458897
|
| Series |
[1/4] crypto: drbg - ensure most preferred type is FIPS health checked
|
|
Commit Message
Dimitri John Ledkov
Oct. 29, 2023, 8:48 p.m. UTC
When originally drbg was introduced FIPS self-checks for all types but
CTR were using the most preferred parameters for each type of
DRBG. Update CTR self-check to use aes256.
Fixes: 541af946fe ("crypto: drbg - SP800-90A Deterministic Random Bit Generator")
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
---
crypto/drbg.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
Comments
Am Sonntag, 29. Oktober 2023, 21:48:21 CET schrieb Dimitri John Ledkov: Hi Dimitri, > When originally drbg was introduced FIPS self-checks for all types but > CTR were using the most preferred parameters for each type of > DRBG. Update CTR self-check to use aes256. > > Fixes: 541af946fe ("crypto: drbg - SP800-90A Deterministic Random Bit > Generator") Signed-off-by: Dimitri John Ledkov > <dimitri.ledkov@canonical.com> > --- > crypto/drbg.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/crypto/drbg.c b/crypto/drbg.c > index 2cce18dcfc..b120e2866b 100644 > --- a/crypto/drbg.c > +++ b/crypto/drbg.c > @@ -1478,8 +1478,8 @@ static int drbg_generate(struct drbg_state *drbg, > err = alg_test("drbg_pr_hmac_sha256", > "drbg_pr_hmac_sha256", 0, 0); > else if (drbg->core->flags & DRBG_CTR) > - err = alg_test("drbg_pr_ctr_aes128", > - "drbg_pr_ctr_aes128", 0, 0); > + err = alg_test("drbg_pr_ctr_aes256", > + "drbg_pr_ctr_aes256", 0, 0); > else > err = alg_test("drbg_pr_sha256", > "drbg_pr_sha256", 0, 0); > @@ -2017,7 +2017,7 @@ static inline int __init drbg_healthcheck_sanity(void) > return 0; > > #ifdef CONFIG_CRYPTO_DRBG_CTR > - drbg_convert_tfm_core("drbg_nopr_ctr_aes128", &coreref, &pr); > + drbg_convert_tfm_core("drbg_nopr_ctr_aes256", &coreref, &pr); > #endif > #ifdef CONFIG_CRYPTO_DRBG_HASH > drbg_convert_tfm_core("drbg_nopr_sha256", &coreref, &pr); I am not sure again whether this warrants a "Fixes" tag, because the first modification is in a commented-out code section and the latter again intends to test the DRBG thresholds and thus just needs "a" DRBG. Anyhow: Reviewed-by: Stephan Mueller <smueller@chronox.de> Ciao Stephan
On Mon, 30 Oct 2023 at 12:23, Stephan Mueller <smueller@chronox.de> wrote: > > Am Sonntag, 29. Oktober 2023, 21:48:21 CET schrieb Dimitri John Ledkov: > > Hi Dimitri, > > > When originally drbg was introduced FIPS self-checks for all types but > > CTR were using the most preferred parameters for each type of > > DRBG. Update CTR self-check to use aes256. > > > > Fixes: 541af946fe ("crypto: drbg - SP800-90A Deterministic Random Bit > > Generator") Signed-off-by: Dimitri John Ledkov > > <dimitri.ledkov@canonical.com> > > > > > --- > > crypto/drbg.c | 6 +++--- > > 1 file changed, 3 insertions(+), 3 deletions(-) > > > > diff --git a/crypto/drbg.c b/crypto/drbg.c > > index 2cce18dcfc..b120e2866b 100644 > > --- a/crypto/drbg.c > > +++ b/crypto/drbg.c > > @@ -1478,8 +1478,8 @@ static int drbg_generate(struct drbg_state *drbg, > > err = alg_test("drbg_pr_hmac_sha256", > > "drbg_pr_hmac_sha256", 0, 0); > > else if (drbg->core->flags & DRBG_CTR) > > - err = alg_test("drbg_pr_ctr_aes128", > > - "drbg_pr_ctr_aes128", 0, 0); > > + err = alg_test("drbg_pr_ctr_aes256", > > + "drbg_pr_ctr_aes256", 0, 0); > > else > > err = alg_test("drbg_pr_sha256", > > "drbg_pr_sha256", 0, 0); > > @@ -2017,7 +2017,7 @@ static inline int __init drbg_healthcheck_sanity(void) > > return 0; > > > > #ifdef CONFIG_CRYPTO_DRBG_CTR > > - drbg_convert_tfm_core("drbg_nopr_ctr_aes128", &coreref, &pr); > > + drbg_convert_tfm_core("drbg_nopr_ctr_aes256", &coreref, &pr); > > #endif > > #ifdef CONFIG_CRYPTO_DRBG_HASH > > drbg_convert_tfm_core("drbg_nopr_sha256", &coreref, &pr); > > I am not sure again whether this warrants a "Fixes" tag, because the first > modification is in a commented-out code section and the latter again intends > to test the DRBG thresholds and thus just needs "a" DRBG. > Agreed, it is more of a reference. But yes, I don't believe this needs to trigger stable backports - because yes it is like dead code, or fips only code which majority kernels don't do. Maybe I should reference that commit in description only? > Anyhow: > > Reviewed-by: Stephan Mueller <smueller@chronox.de> > > > Ciao > Stephan > >
Am Montag, 30. Oktober 2023, 11:30:32 CET schrieb Dimitri John Ledkov: Hi Dimitri, > On Mon, 30 Oct 2023 at 12:23, Stephan Mueller <smueller@chronox.de> wrote: > > Am Sonntag, 29. Oktober 2023, 21:48:21 CET schrieb Dimitri John Ledkov: > > > > Hi Dimitri, > > > > > When originally drbg was introduced FIPS self-checks for all types but > > > CTR were using the most preferred parameters for each type of > > > DRBG. Update CTR self-check to use aes256. > > > > > > Fixes: 541af946fe ("crypto: drbg - SP800-90A Deterministic Random Bit > > > Generator") Signed-off-by: Dimitri John Ledkov > > > <dimitri.ledkov@canonical.com> > > > > > > > > > > > > --- > > > > > > crypto/drbg.c | 6 +++--- > > > 1 file changed, 3 insertions(+), 3 deletions(-) > > > > > > diff --git a/crypto/drbg.c b/crypto/drbg.c > > > index 2cce18dcfc..b120e2866b 100644 > > > --- a/crypto/drbg.c > > > +++ b/crypto/drbg.c > > > @@ -1478,8 +1478,8 @@ static int drbg_generate(struct drbg_state *drbg, > > > > > > err = alg_test("drbg_pr_hmac_sha256", > > > > > > "drbg_pr_hmac_sha256", 0, 0); > > > > > > else if (drbg->core->flags & DRBG_CTR) > > > > > > - err = alg_test("drbg_pr_ctr_aes128", > > > - "drbg_pr_ctr_aes128", 0, 0); > > > + err = alg_test("drbg_pr_ctr_aes256", > > > + "drbg_pr_ctr_aes256", 0, 0); > > > > > > else > > > > > > err = alg_test("drbg_pr_sha256", > > > > > > "drbg_pr_sha256", 0, 0); > > > > > > @@ -2017,7 +2017,7 @@ static inline int __init > > > drbg_healthcheck_sanity(void) return 0; > > > > > > #ifdef CONFIG_CRYPTO_DRBG_CTR > > > > > > - drbg_convert_tfm_core("drbg_nopr_ctr_aes128", &coreref, &pr); > > > + drbg_convert_tfm_core("drbg_nopr_ctr_aes256", &coreref, &pr); > > > > > > #endif > > > #ifdef CONFIG_CRYPTO_DRBG_HASH > > > > > > drbg_convert_tfm_core("drbg_nopr_sha256", &coreref, &pr); > > > > I am not sure again whether this warrants a "Fixes" tag, because the first > > modification is in a commented-out code section and the latter again > > intends to test the DRBG thresholds and thus just needs "a" DRBG. > > Agreed, it is more of a reference. But yes, I don't believe this needs > to trigger stable backports - because yes it is like dead code, or > fips only code which majority kernels don't do. Maybe I should > reference that commit in description only? I think this would be good to avoid the need to trigger backports for this "trivial" patch. Thanks a lot. > > > Anyhow: > > > > Reviewed-by: Stephan Mueller <smueller@chronox.de> > > > > > > Ciao > > Stephan Ciao Stephan
diff --git a/crypto/drbg.c b/crypto/drbg.c index 2cce18dcfc..b120e2866b 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -1478,8 +1478,8 @@ static int drbg_generate(struct drbg_state *drbg, err = alg_test("drbg_pr_hmac_sha256", "drbg_pr_hmac_sha256", 0, 0); else if (drbg->core->flags & DRBG_CTR) - err = alg_test("drbg_pr_ctr_aes128", - "drbg_pr_ctr_aes128", 0, 0); + err = alg_test("drbg_pr_ctr_aes256", + "drbg_pr_ctr_aes256", 0, 0); else err = alg_test("drbg_pr_sha256", "drbg_pr_sha256", 0, 0); @@ -2017,7 +2017,7 @@ static inline int __init drbg_healthcheck_sanity(void) return 0; #ifdef CONFIG_CRYPTO_DRBG_CTR - drbg_convert_tfm_core("drbg_nopr_ctr_aes128", &coreref, &pr); + drbg_convert_tfm_core("drbg_nopr_ctr_aes256", &coreref, &pr); #endif #ifdef CONFIG_CRYPTO_DRBG_HASH drbg_convert_tfm_core("drbg_nopr_sha256", &coreref, &pr);