1 // SPDX-License-Identifier: GPL-2.0-only
8 * built-in implementations of these algorithms with its implementations. It
9 * also runs self-tests on these algorithms and verifies the integrity of its
10 * code and data. If either of these steps fails, the kernel will panic.
29 #include "fips140-module.h"
33 * FIPS 140-2 prefers the use of HMAC with a public key over a plain hash.
64 * All algorithms that will be declared as FIPS-approved in the module
65 * certification must be listed here, to ensure that the non-FIPS-approved
70 * well as any architecture-specific implementations. This is needed to avoid
73 * module doesn't have a C implementation of it (and it won't be FIPS-approved).
76 * FIPS-approved. However, we otherwise treat it the same as the algorithms
77 * that will be FIPS-approved, and therefore it's included in this list.
80 * self-test added to fips140_selftests[] as well.
120 if (alg->cra_flags & CRYPTO_ALG_ASYNC) in fips140_should_unregister_alg()
124 if (!strcmp(alg->cra_name, fips140_algs_to_replace[i].name)) in fips140_should_unregister_alg()
131 * FIPS 140-3 service indicators. FIPS 140-3 requires that all services
132 * "provide an indicator when the service utilises an approved cryptographic
134 * means is very debatable, even with the help of the FIPS 140-3 Implementation
139 * - The module doesn't distinguish between "services" and "algorithms"; its
142 * - The status of an approved algorithm is never non-approved, since (a) the
143 * module doesn't support operating in a non-approved mode, such as a mode
144 * where the self-tests are skipped; (b) there are no cases where the module
145 * supports non-approved settings for approved algorithms, e.g.
146 * non-approved key sizes; and (c) this function isn't available to be
148 * that the self-tests and integrity check have already passed.
150 * - The module does support some non-approved algorithms, so a single static
151 * indicator ("return true;") would not be acceptable.
166 * FIPS 140-3 requires that modules provide a "service" that outputs "the name
210 list_del_init(&alg->cra_list); in fips140_remove_final()
238 if (refcount_read(&alg->cra_refcnt) == 1) { in unregister_existing_fips140_algos()
247 alg->cra_flags |= CRYPTO_ALG_DEAD; in unregister_existing_fips140_algos()
248 list_move(&alg->cra_list, &remove_list); in unregister_existing_fips140_algos()
259 * In most cases, setting alg->cra_priority to 0 in unregister_existing_fips140_algos()
269 pr_info("found already-live algorithm '%s' ('%s')\n", in unregister_existing_fips140_algos()
270 alg->cra_name, alg->cra_driver_name); in unregister_existing_fips140_algos()
271 alg->cra_priority = 0; in unregister_existing_fips140_algos()
272 strlcat(alg->cra_name, "+orig", CRYPTO_MAX_ALG_NAME); in unregister_existing_fips140_algos()
273 strlcat(alg->cra_driver_name, "+orig", in unregister_existing_fips140_algos()
275 list_move(&alg->cra_list, &existing_live_algos); in unregister_existing_fips140_algos()
287 while (numrels--) { in unapply_text_relocations()
288 u32 *place = (u32 *)(section + rela->r_offset); in unapply_text_relocations()
290 BUG_ON(rela->r_offset >= section_size); in unapply_text_relocations()
292 switch (ELF64_R_TYPE(rela->r_info)) { in unapply_text_relocations()
315 ELF64_R_TYPE(rela->r_info)); in unapply_text_relocations()
328 while (numrels--) { in unapply_rodata_relocations()
329 void *place = section + rela->r_offset; in unapply_rodata_relocations()
331 BUG_ON(rela->r_offset >= section_size); in unapply_rodata_relocations()
333 switch (ELF64_R_TYPE(rela->r_info)) { in unapply_rodata_relocations()
340 ELF64_R_TYPE(rela->r_info)); in unapply_rodata_relocations()
365 textsize = &__fips140_text_end - &__fips140_text_start; in check_fips140_module_hmac()
366 rodatasize = &__fips140_rodata_end - &__fips140_rodata_start; in check_fips140_module_hmac()
399 desc->tfm = tfm; in check_fips140_module_hmac()
429 * FIPS 140-3 requires that all "temporary value(s) generated during the in check_fips140_module_hmac()
430 * integrity test" be zeroized (ref: FIPS 140-3 IG 9.7.B). There is no in check_fips140_module_hmac()
509 * algorithms that depend on non-present CPU features. Besides in fips140_init()
512 if (err && err != -ENODEV) { in fips140_init()
514 goto panic; in fips140_init()
519 goto panic; in fips140_init()
526 * ready for FIPS 140-3, the integrity check algorithm must have already in fips140_init()
527 * been self-tested. in fips140_init()
531 pr_crit("integrity check failed -- giving up!\n"); in fips140_init()
532 goto panic; in fips140_init()
539 goto panic; in fips140_init()
542 goto panic; in fips140_init()
547 panic: in fips140_init()
548 panic("FIPS 140 module load failure"); in fips140_init()
557 * Crypto-related helper functions, reproduced here so that they will be
560 * Non-cryptographic helper functions such as memcpy() can be excluded from the
573 len -= 8; in __crypto_xor()
581 len -= 4; in __crypto_xor()
589 len -= 2; in __crypto_xor()
592 while (len--) in __crypto_xor()
600 while (size--) in crypto_inc()
601 if (++*--a) in crypto_inc()