• Jarod Wilson's avatar
    crypto: fips - only panic on bad/missing crypto mod signatures · 002c77a4
    Jarod Wilson authored
    Per further discussion with NIST, the requirements for FIPS state that
    we only need to panic the system on failed kernel module signature checks
    for crypto subsystem modules. This moves the fips-mode-only module
    signature check out of the generic module loading code, into the crypto
    subsystem, at points where we can catch both algorithm module loads and
    mode module loads. At the same time, make CONFIG_CRYPTO_FIPS dependent on
    CONFIG_MODULE_SIG, as this is entirely necessary for FIPS mode.
    
    v2: remove extraneous blank line, perform checks in static inline
    function, drop no longer necessary fips.h include.
    
    CC: "David S. Miller" <davem@davemloft.net>
    CC: Rusty Russell <rusty@rustcorp.com.au>
    CC: Stephan Mueller <stephan.mueller@atsec.com>
    Signed-off-by: default avatarJarod Wilson <jarod@redhat.com>
    Acked-by: default avatarNeil Horman <nhorman@tuxdriver.com>
    Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    002c77a4
module.c 96.5 KB