Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp156181yba; Thu, 2 May 2019 22:26:50 -0700 (PDT) X-Google-Smtp-Source: APXvYqxspevr2J9qjTzWtAo5cxmYCimVmvBFqC70xyVNip+2pyRC3+g4VwNcP0auyRhswf+rmfGN X-Received: by 2002:a62:4183:: with SMTP id g3mr8605205pfd.229.1556861210819; Thu, 02 May 2019 22:26:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1556861210; cv=none; d=google.com; s=arc-20160816; b=cRuotGVd6+2Num48IPh6s5wjzD68nkJl9CdfvScUClPewH1Jd8rAevvy2x2WA75Nci pmmwncaX8r6jvsLwGWEtl1G3yRsfhAzgdEQX3mQOasH4Vm2k5zAeVrWTVahUvOabq1x2 K9IEJzFnPP0HhCF8sp7t2Q0Wr6mEy+n1YvgnKeLrxi8mPUyFpjf8kerp2T5yNluhOXl+ /FjepmaGdiojDQtu2/TqFhUJz6GmBwg1bRi5Y78dFNt4F8eKvWkGOqIqIemSMTxCPk6c i63BujpsMOn98djx+atodIPw+DoYRSZapPQmE1A6mJxZ96Ge3QtoJqObk59ioeAD9hR2 tYcw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=qqMvg8+ahBhu4uOS+PFySGC3mA76mH3N/mKxfGy11/w=; b=ce+uUJvIsXI1IZRyBsBTiNMGWM29uohLuZPhFW3hQwerCjxifbM5cQtHs5/B3BjxBd NxHbeNvRJpAdr8JyHMkfLhQ4Zk2TsT0VNlzh99E03EdGDcWemETgMUPReDMc60jkaxsX 0cfZDftZK/KaAZFalAFy/l7kY64+BOHJcCWEydtbl5HRh37ZwRVoabaS1i8xI5lBxZYe 7MFKEwJ5uJ8YIsii4sglf8gEPt8SiVhZwvP1iuPmCfGBEsUbHGnT74HWawp9h1n09/RE ElUV6vITQDdoWBxrybBGkzqVpZfyhFjXAqoBw5KfmVutV5+rnbNsiWm6OQCJqrOHt12z tMqg== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@chronox.de header.s=strato-dkim-0002 header.b=UNt9lJnZ; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id l63si1115353pfl.127.2019.05.02.22.26.26; Thu, 02 May 2019 22:26:50 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@chronox.de header.s=strato-dkim-0002 header.b=UNt9lJnZ; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726229AbfECFL1 (ORCPT + 99 others); Fri, 3 May 2019 01:11:27 -0400 Received: from mo4-p00-ob.smtp.rzone.de ([81.169.146.161]:18319 "EHLO mo4-p00-ob.smtp.rzone.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726220AbfECFL1 (ORCPT ); Fri, 3 May 2019 01:11:27 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1556860285; s=strato-dkim-0002; d=chronox.de; h=References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: X-RZG-CLASS-ID:X-RZG-AUTH:From:Subject:Sender; bh=qqMvg8+ahBhu4uOS+PFySGC3mA76mH3N/mKxfGy11/w=; b=UNt9lJnZo1e7UedcUWuNyEAzk7bB/XtmQ6rEr4xMPM1NmjHv3Z0Txs4bnzicNA9xPn z6jV+kmHd2KED/+yxRSe1BbeZafx0S9eKMKmZi+K3SE/MzpS4Kbl88t7I58YVor1wDDa jZ4OCmZjzAQLaiD4f+AVjBvzjPIlBC0C9143ruutt08dai3U3PJI7+ESybqtTcrk5vd8 GRPsEu85iKZiqYpqu/GMaKZFuhUs3NLIoHDOTGrjQLbpx8L47kpwNHcjyEwTBL+AE6kV 4ViFBpXdNRDwvFSbhBhn4TgA3sHzRQFKGkdF149g+QoNOHGZvFZmXK1z280Wue5ytPRB oXJQ== X-RZG-AUTH: ":P2ERcEykfu11Y98lp/T7+hdri+uKZK8TKWEqNyiHySGSa9k9xmwdNnzGHXPaJfSd/cc=" X-RZG-CLASS-ID: mo00 Received: from tauon.chronox.de by smtp.strato.de (RZmta 44.18 DYNA|AUTH) with ESMTPSA id R0373fv435BOlv8 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (curve secp521r1 with 521 ECDH bits, eq. 15360 bits RSA)) (Client did not present a certificate); Fri, 3 May 2019 07:11:24 +0200 (CEST) From: Stephan Mueller To: Herbert Xu Cc: linux-crypto@vger.kernel.org Subject: Re: [PATCH v3] crypto: DRBG - add FIPS 140-2 CTRNG for noise source Date: Fri, 03 May 2019 07:11:23 +0200 Message-ID: <2145637.ukeSOrXKR8@tauon.chronox.de> In-Reply-To: <20190503014241.cy35pjinezhapga7@gondor.apana.org.au> References: <1852500.fyBc0DU23F@positron.chronox.de> <5352150.0CmBXKFm2E@positron.chronox.de> <20190503014241.cy35pjinezhapga7@gondor.apana.org.au> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="iso-8859-1" Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Am Freitag, 3. Mai 2019, 03:42:41 CEST schrieb Herbert Xu: Hi Herbert, > On Thu, May 02, 2019 at 06:38:12PM +0200, Stephan M=FCller wrote: > > +static int drbg_fips_continuous_test(struct drbg_state *drbg, > > + const unsigned char *entropy) > > +{ > > +#if IS_ENABLED(CONFIG_CRYPTO_FIPS) >=20 > This should look like >=20 > if (IS_ENABLED(CONFIG_CRYPTO_FIPS)) { > ... > } else { > ... > } >=20 > This way the compiler will see everything regardless of whether > FIPS is enabled or not. >=20 > > diff --git a/include/crypto/drbg.h b/include/crypto/drbg.h > > index 3fb581bf3b87..939051480c83 100644 > > --- a/include/crypto/drbg.h > > +++ b/include/crypto/drbg.h > > @@ -129,6 +129,10 @@ struct drbg_state { > >=20 > > bool seeded; /* DRBG fully seeded? */ > > bool pr; /* Prediction resistance enabled? */ > >=20 > > +#if IS_ENABLED(CONFIG_CRYPTO_FIPS) > > + bool fips_primed; /* Continuous test primed? */ > > + unsigned char *prev; /* FIPS 140-2 continuous test value */ > > +#endif >=20 > You can still use #ifdef here. The variables would need to be defined unconditionally if we use a runtime= =20 check in the C code. Is that what you want me to do? Ciao Stephan