Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp471395pxf; Thu, 8 Apr 2021 06:56:03 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwA1axjsChf6GGoTipukbw1wxqpH00v1gM9CjxyJbuJPWTW4CKakTx/9Fptl3KOtS/olp+u X-Received: by 2002:a17:906:6703:: with SMTP id a3mr10453450ejp.240.1617890162856; Thu, 08 Apr 2021 06:56:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617890162; cv=none; d=google.com; s=arc-20160816; b=UV/957CfPRHH01cgyacYmU2b2BNCRr04jqNEzmfasnNiUk6+k0Ss6nc6n0L0ZhtlLl oW6eVqzSyeMulLOtWjRTdTOb6ES56Kjq4HxgpY851Vre+KRD4zbLrEp8PkHqwkmvNWuZ zW/2BAV8GPEE8prjD4hq78vTAbqDnsVrJPIQJdnX546nQkqYO5IIKf3tTLcszquf/kVc bPpRI4iLV8HdQXZzMq/tWIEIEl8JZPwyqMT22pog7Kbypo1gDOU8ieZ5ZUqsvCVoMCUW aID+Ax/O5Z/MfSttCvVLoI2ejLlfz+ZcQl6vjffc9sts37Tg2EwCqGzYagswbgnG7Myv KG1A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :organization:references:in-reply-to:date:cc:to:from:subject :message-id:dkim-signature; bh=WdG/+9H4BfauINLjbcdnfsK7R+CRfSR/z4xwYKN7yqw=; b=Q3B62B5V3FF1bM0drBNCskZ2O3DHzxOe6HqPN97yJxcc8Jh2F9BytQ7ychJ9hn9A56 H5gXQnMx/4TjratVhNJomzz8bBlYCQpQzymCoMaj63J3YhlUL/IUhWHAByCGktKb58P3 mE3bWE3r1/eCgrh7JbxPYsHi0SWBAwT/ahgcNYw138Rn6DTAJgCSG046Zxs72q5juTKk tqgjPXjfsAmXW77dqHZrw0u3ao3G42g+jyivQejZPpS3BkuFi6imJt9OgnDFwZf9V+Rh YNlISTPJmqMC1WCABCEJsCYRV0t1XHym6haVUL669n8huOLtl6E6jMJ3Qq4pE+fI0l11 fulA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=gqRV0DNS; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id q4si10167585edb.494.2021.04.08.06.55.34; Thu, 08 Apr 2021 06:56:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=gqRV0DNS; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231663AbhDHNzg (ORCPT + 99 others); Thu, 8 Apr 2021 09:55:36 -0400 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:53714 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231195AbhDHNzg (ORCPT ); Thu, 8 Apr 2021 09:55:36 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1617890124; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WdG/+9H4BfauINLjbcdnfsK7R+CRfSR/z4xwYKN7yqw=; b=gqRV0DNSkSaGGO0ZTfvv0+WbfIRbiN+y5HgbhihjOzkNrAN9zmtgi9HzvGJERzOf2U/ggI otWLVM9fupbK4m7EXqXRJv+9hULtXatNMkXI2YrbO6hLHMmTWdE2NSwrEW5L5tS8FuUCV1 7arkgnaFVkm/Nxm03GTItwwpyU7kjKA= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-297-EA4COy0TPxiNml6Gmkhlzg-1; Thu, 08 Apr 2021 09:55:22 -0400 X-MC-Unique: EA4COy0TPxiNml6Gmkhlzg-1 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 0FF048030A1; Thu, 8 Apr 2021 13:55:21 +0000 (UTC) Received: from ovpn-113-96.phx2.redhat.com (ovpn-113-96.phx2.redhat.com [10.3.113.96]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 1EB0360BF1; Thu, 8 Apr 2021 13:55:16 +0000 (UTC) Message-ID: Subject: Re: [PATCH net-next] [RESEND] wireguard: disable in FIPS mode From: Simo Sorce To: "Jason A. Donenfeld" , Hangbin Liu Cc: Netdev , Toke =?ISO-8859-1?Q?H=F8iland-J=F8rgensen?= , Jakub Kicinski , Ondrej Mosnacek , Linux Crypto Mailing List Date: Thu, 08 Apr 2021 09:55:15 -0400 In-Reply-To: References: <20210407113920.3735505-1-liuhangbin@gmail.com> Organization: Red Hat, Inc. Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Wed, 2021-04-07 at 15:15 -0600, Jason A. Donenfeld wrote: > Hi Hangbin, > > On Wed, Apr 7, 2021 at 5:39 AM Hangbin Liu wrote: > > As the cryptos(BLAKE2S, Curve25519, CHACHA20POLY1305) in WireGuard are not > > FIPS certified, the WireGuard module should be disabled in FIPS mode. > > I'm not sure this makes so much sense to do _in wireguard_. If you > feel like the FIPS-allergic part is actually blake, 25519, chacha, and > poly1305, then wouldn't it make most sense to disable _those_ modules > instead? And then the various things that rely on those (such as > wireguard, but maybe there are other things too, like > security/keys/big_key.c) would be naturally disabled transitively? The reason why it is better to disable the whole module is that it provide much better feedback to users. Letting init go through and then just fail operations once someone tries to use it is much harder to deal with in terms of figuring out what went wrong. Also wireguard seem to be poking directly into the algorithms implementations and not use the crypto API, so disabling individual algorithm via the regular fips_enabled mechanism at runtime doesn't work. > [As an aside, I don't think any of this fips-flag-in-the-kernel makes > much sense at all for anything, but that seems like a different > discussion, maybe?] It makes sense, because vendors provide a single kernel that can be used by both people that are required to be FIPS compliant and people that don't. For people that are required to be FIPS complaint vendors want to provide the ability to use a single knob (fips=1 at boot) to turn off everything that is not FIPS compliant. Disabling algorithms at compile time would not work for people that do not care about FIPS compliance. HTH, Simo. -- Simo Sorce RHEL Crypto Team Red Hat, Inc