[PATCH 5/8] crypto: drbg - Add stdrng alias and increase priority
This patch adds the stdrng module alias and increases the priority to ensure that it is loaded in preference to other RNGs. Signed-off-by: Herbert Xu herb...@gondor.apana.org.au --- crypto/drbg.c |3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/crypto/drbg.c b/crypto/drbg.c index 9284348..04836b4 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -1876,7 +1876,7 @@ static inline void __init drbg_fill_array(struct rng_alg *alg, const struct drbg_core *core, int pr) { int pos = 0; - static int priority = 100; + static int priority = 200; memcpy(alg-base.cra_name, stdrng, 6); if (pr) { @@ -1965,3 +1965,4 @@ MODULE_DESCRIPTION(NIST SP800-90A Deterministic Random Bit Generator (DRBG) CRYPTO_DRBG_HASH_STRING CRYPTO_DRBG_HMAC_STRING CRYPTO_DRBG_CTR_STRING); +MODULE_ALIAS_CRYPTO(stdrng); -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 5/8] crypto: drbg - Add stdrng alias and increase priority
On Wed, Jun 03, 2015 at 08:59:13AM +0200, Stephan Mueller wrote: Considering the patch 8/8 which removes krng, wouldn't it make sense to remove the following code from the DRBG: /* * If FIPS mode enabled, the selected DRBG shall have the * highest cra_priority over other stdrng instances to ensure * it is selected. */ if (fips_enabled) alg-base.cra_priority += 200; That code was added to get a higher prio than the krng in FIPS mode. As this is not needed any more (krng is gone), I would say it is safe to remove this code too. You'd have to remove it from ansi_cprng first. Feel free to send patches to do that. Thanks, -- Email: Herbert Xu herb...@gondor.apana.org.au Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 5/8] crypto: drbg - Add stdrng alias and increase priority
Am Mittwoch, 3. Juni 2015, 14:49:28 schrieb Herbert Xu: Hi Herbert, This patch adds the stdrng module alias and increases the priority to ensure that it is loaded in preference to other RNGs. Signed-off-by: Herbert Xu herb...@gondor.apana.org.au --- crypto/drbg.c |3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/crypto/drbg.c b/crypto/drbg.c index 9284348..04836b4 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -1876,7 +1876,7 @@ static inline void __init drbg_fill_array(struct rng_alg *alg, const struct drbg_core *core, int pr) { int pos = 0; - static int priority = 100; + static int priority = 200; Considering the patch 8/8 which removes krng, wouldn't it make sense to remove the following code from the DRBG: /* * If FIPS mode enabled, the selected DRBG shall have the * highest cra_priority over other stdrng instances to ensure * it is selected. */ if (fips_enabled) alg-base.cra_priority += 200; That code was added to get a higher prio than the krng in FIPS mode. As this is not needed any more (krng is gone), I would say it is safe to remove this code too. memcpy(alg-base.cra_name, stdrng, 6); if (pr) { @@ -1965,3 +1965,4 @@ MODULE_DESCRIPTION(NIST SP800-90A Deterministic Random Bit Generator (DRBG) CRYPTO_DRBG_HASH_STRING CRYPTO_DRBG_HMAC_STRING CRYPTO_DRBG_CTR_STRING); +MODULE_ALIAS_CRYPTO(stdrng); Ciao Stephan -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 5/8] crypto: drbg - Add stdrng alias and increase priority
Am Mittwoch, 3. Juni 2015, 15:01:39 schrieb Herbert Xu: Hi Herbert, You'd have to remove it from ansi_cprng first. Feel free to send patches to do that. Absolutely, my bad. -- Ciao Stephan -- To unsubscribe from this list: send the line unsubscribe linux-crypto in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html