git.kernelconcepts.de Git - karo-tx-linux.git/commit

author	Milan Broz <mbroz@redhat.com>
	Fri, 29 Jun 2012 20:08:09 +0000 (22:08 +0200)
committer	Herbert Xu <herbert@gondor.apana.org.au>
	Wed, 11 Jul 2012 03:06:15 +0000 (11:06 +0800)
commit	6c79294f44fd7d1122cbaabff3b9815b074c0dd0
tree	f9572a8056ab494a6191ea4bb8d53593feb9119c	tree \| snapshot
parent	b329669ea0b5b02efd41f94372bcf0e988814af4	commit \| diff

crypto: testmgr - allow aesni-intel and ghash_clmulni-intel in fips mode

Patch 863b557a88f8c033f7419fabafef4712a5055f85 added NULL entries
for intel accelerated drivers but did not marked these fips allowed.
This cause panic if running tests with fips=1.

For ghash, fips_allowed flag was added in patch
18c0ebd2d8194cce4b3f67e2903fa01bea892cbc.

Without patch, "modprobe tcrypt" fails with
  alg: skcipher: Failed to load transform for cbc-aes-aesni: -2
  cbc-aes-aesni: cbc(aes) alg self test failed in fips mode!
  (panic)

Also add missing cryptd(__driver-cbc-aes-aesni) and
cryptd(__driver-gcm-aes-aesni) test to complement
null tests above, otherwise system complains with
  alg: No test for __cbc-aes-aesni (cryptd(__driver-cbc-aes-aesni))
  alg: No test for __gcm-aes-aesni (cryptd(__driver-gcm-aes-aesni))

Signed-off-by: Milan Broz <mbroz@redhat.com>
Signed-off-by: Paul Wouters <pwouters@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>