linux.git - Linux kernel source tree

diff options

author	David Howells <dhowells@redhat.com>	2022-05-18 17:15:34 +0100
committer	David Howells <dhowells@redhat.com>	2022-06-21 16:05:12 +0100
commit	3cde3174eb910513d32a9ec8a9b95ea59be833df (patch)
tree	41ec5b5f807d1f7f04c5d95d2e8caf82e734238b /certs
parent	certs: Move load_certificate_list() to be with the asymmetric keys code (diff)
download	linux-3cde3174eb910513d32a9ec8a9b95ea59be833df.tar.gz linux-3cde3174eb910513d32a9ec8a9b95ea59be833df.tar.bz2 linux-3cde3174eb910513d32a9ec8a9b95ea59be833df.zip

certs: Add FIPS selftests

Add some selftests for signature checking when FIPS mode is enabled. These need to be done before we start actually using the signature checking for things and must panic the kernel upon failure. Note that the tests must not check the blacklist lest this provide a way to prevent a kernel from booting by installing a hash of a test key in the appropriate UEFI table. Reported-by: Simo Sorce <simo@redhat.com> Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> Reviewed-by: Herbert Xu <herbert@gondor.apana.org.au> cc: keyrings@vger.kernel.org cc: linux-crypto@vger.kernel.org Link: https://lore.kernel.org/r/165515742832.1554877.2073456606206090838.stgit@warthog.procyon.org.uk/

Diffstat (limited to 'certs')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: