Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp533191yba; Fri, 3 May 2019 06:27:59 -0700 (PDT) X-Google-Smtp-Source: APXvYqwSF60yE2NX0v/2rYSbzdeEFYqBgiuw6VgBuEsOf72Nz/1BuW5BrlhqqCgbmBJG3jfDqeoZ X-Received: by 2002:a65:60d0:: with SMTP id r16mr9899425pgv.229.1556890079544; Fri, 03 May 2019 06:27:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1556890079; cv=none; d=google.com; s=arc-20160816; b=VjxfbrA3CH4HhocMF2BFnh6DPsdxfde07CGMkZCVWjcnrkYrFrHoOAYnu4J/9KrBi0 GtIaeQBQvvWjAkUaCa0XnU4Q6ywUt8PL2GqFavUcHAAb/x+Jv+SJqWLhB+5ZAzuUFPwb Ep2K6T3Z3kAjY1OEvlI8S6WX+L8XVya0hOGIxx1UC6fVR5dmrzcptGjpxoazKYNBe4si /5igq7hkqsS97B7WN8G23qhePb7ft67DFJWsUoqJIZM8t4EMEcabAxHc8/7EWJt83sDt 8rfE/0xhX7R6WKro/PFIbrfztg1Li+DoBAi1JTAvJtGsIQ1BrlsTcPjkzl2X/1kbgwHc sVKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=Q/Ba+UkkDM6eZ8QXjGVPj4b/nD2fZDzHcB5NBaLGfKo=; b=OsUzntSR0v3UBFGFgtm6cSqebMzEjsx7r0sxnIQgyZ55aK7RSvXTQEuNAFZ4Q+lbDP PqpM+FcgSF8THSmz3KOL15TEI/QkkL3cNDJxOQSC6y9qu4OEJH4sDqVMGRkkzGi/C0QO r2OONbjZkBwjdrjOvbRG6pkoy8Ms1Lv1oeZV49Mmcr0e29LLlrKXw3Ds5ujr71sPAaLm Cg7aS6MCKdZVXlNhcjcwu0qLpwIAIeTA+QTpwD/6hP5fNg38VgXubWHpoB6naa4gquWy ENcgQ3fjSZ3e4gy91Kzo+F8nDXF43YMteI4YtzU6FgDo04nEZ/U5aaI4DNlS8nokUtja 0Aug== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t5si2342931plo.41.2019.05.03.06.27.45; Fri, 03 May 2019 06:27:59 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728002AbfECNZ6 (ORCPT + 99 others); Fri, 3 May 2019 09:25:58 -0400 Received: from [5.180.42.13] ([5.180.42.13]:38092 "EHLO deadmen.hmeau.com" rhost-flags-FAIL-FAIL-OK-OK) by vger.kernel.org with ESMTP id S1727920AbfECNZ6 (ORCPT ); Fri, 3 May 2019 09:25:58 -0400 Received: from gondobar.mordor.me.apana.org.au ([192.168.128.4] helo=gondobar) by deadmen.hmeau.com with esmtps (Exim 4.89 #2 (Debian)) id 1hMRMt-0005lS-Ic; Fri, 03 May 2019 14:08:23 +0800 Received: from herbert by gondobar with local (Exim 4.89) (envelope-from ) id 1hMRMr-0003Av-KE; Fri, 03 May 2019 14:08:21 +0800 Date: Fri, 3 May 2019 14:08:21 +0800 From: Herbert Xu To: Stephan Mueller Cc: linux-crypto@vger.kernel.org Subject: Re: [PATCH v3] crypto: DRBG - add FIPS 140-2 CTRNG for noise source Message-ID: <20190503060821.637af6zhad4jjfi3@gondor.apana.org.au> References: <1852500.fyBc0DU23F@positron.chronox.de> <5352150.0CmBXKFm2E@positron.chronox.de> <20190503014241.cy35pjinezhapga7@gondor.apana.org.au> <2145637.ukeSOrXKR8@tauon.chronox.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2145637.ukeSOrXKR8@tauon.chronox.de> User-Agent: NeoMutt/20170113 (1.7.2) Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Fri, May 03, 2019 at 07:11:23AM +0200, Stephan Mueller wrote: > > > > diff --git a/include/crypto/drbg.h b/include/crypto/drbg.h > > > index 3fb581bf3b87..939051480c83 100644 > > > --- a/include/crypto/drbg.h > > > +++ b/include/crypto/drbg.h > > > @@ -129,6 +129,10 @@ struct drbg_state { > > > > > > bool seeded; /* DRBG fully seeded? */ > > > bool pr; /* Prediction resistance enabled? */ > > > > > > +#if IS_ENABLED(CONFIG_CRYPTO_FIPS) > > > + bool fips_primed; /* Continuous test primed? */ > > > + unsigned char *prev; /* FIPS 140-2 continuous test value */ > > > +#endif > > > > You can still use #ifdef here. > > The variables would need to be defined unconditionally if we use a runtime > check in the C code. Is that what you want me to do? Yes please do that. If we wanted to we can get around this by using accessor functions to hide them but DRBG without FIPS doesn't make much sense anyway so let's just include them unconditionally. Cheers, -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt