On Wed, Jun 03, 2015 at 08:59:13AM +0200, Stephan Mueller wrote: > > Considering the patch 8/8 which removes krng, wouldn't it make sense to remove > the following code from the DRBG: > > /* > * If FIPS mode enabled, the selected DRBG shall have the > * highest cra_priority over other stdrng instances to ensure > * it is selected. > */ > if (fips_enabled) > alg->base.cra_priority += 200; > > That code was added to get a higher prio than the krng in FIPS mode. As this > is not needed any more (krng is gone), I would say it is safe to remove this > code too. You'd have to remove it from ansi_cprng first. Feel free to send patches to do that. Thanks, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html