On Tue, May 12, 2009 at 08:37:27PM -0400, Neil Horman wrote: > > > Would there be any objections to dropping the noexit parameter > > entirely and just making its behavior the default? It would make > > all users regardless of fips mode notice failures more readily. > > > I think thats a fine idea. Theres no reason that a user of the tcrypt module > can't manually rmmod it when the testing is done. Doing it that way just seems > more sane to me to begin with anyway. No, tcrypt is only a relic for correctness testing. Its main purpose these days is for speed testing. Having to rmmod it is silly. There's really no need to load tcrypt for correctness testing anymore. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
