Am Sonntag, 19. April 2015, 13:49:31 schrieb Herbert Xu: Hi Herbert, > On Sat, Apr 18, 2015 at 07:35:11PM +0200, Stephan Mueller wrote: > > Hi, > > > > the current implementation of the DRBG generates a shadow copy of its > > DRBG state for each incoming request. The idea is that only a short > > term lock is needed to spawn the shadow copy. The drawback is that > > if multiple parallel requests come in, the generated DRBG shadow > > states only differ by a high-resolution timer that was mixed in during > > the shadow state generation. > > > > This patch now removes this shadow state and introduces a mutex > > to serialize all requests to one DRBG instance. > > > > The patch was fully CAVS tested and demonstrates that the DRBG still > > complies with the standard. > > All applied. Thanks -- can you please push your tree? There is one more mutex_init missing: in drbg_healthcheck. This missing mutex_init will cause a segfault when booting the kernel with fips=1 -- Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
