Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751685Ab2JOHvk (ORCPT ); Mon, 15 Oct 2012 03:51:40 -0400 Received: from mx1.redhat.com ([209.132.183.28]:53298 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750744Ab2JOHvj (ORCPT ); Mon, 15 Oct 2012 03:51:39 -0400 Organization: Red Hat UK Ltd. Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SI4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 3798903 From: David Howells In-Reply-To: References: <87fw5m7ipz.fsf@rustcorp.com.au> To: Linus Torvalds , Stephan Mueller Cc: dhowells@redhat.com, Rusty Russell , LKML , Alex Lyashkov , Arnd Bergmann , Dan Carpenter , "David S. Miller" , Dmitry Kasatkin , Herbert Xu , Josh Boyer , linux-crypto@vger.kernel.org, Lucas De Marchi , Matthew Garrett , Milan Broz , Ralf Baechle , Randy Dunlap , Sam Ravnborg Subject: FIPS-mode panic? (was Re: [PULL] modules) Date: Mon, 15 Oct 2012 08:50:54 +0100 Message-ID: <15269.1350287454@warthog.procyon.org.uk> Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 861 Lines: 23 Linus Torvalds wrote: > Hmm. So this thing makes me wonder: > > /* Not having a signature is only an error if we're strict. */ > if (err < 0 && fips_enabled) > panic("Module verification failed with error %d in FIPS mode\n", > err); > > do we really want to panic (even in fips_enabled mode)? That's what the FIPS people want. As I understand it, if there's some indication that the crypto stuff is compromised, the box should be shut down immediately. I've added Stephan Mueller to see if he can illuminate further. David -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/