On Sat, May 27, 2023 at 07:49:26AM +0000, Ashwin Dayanand Kamat wrote: > > > > On 25-Mar-2023, at 12:03 PM, Ashwin Dayanand Kamat <kashwindayan@xxxxxxxxxx> wrote: > > > > > >> On 23-Mar-2023, at 2:16 AM, Simon Horman <simon.horman@xxxxxxxxxxxx> wrote: > >> > >> !! External Email > >> > >> On Wed, Mar 22, 2023 at 07:34:40PM +0530, Ashwin Dayanand Kamat wrote: > >>> MD5 is not FIPS compliant. But still md5 was used as the default > >>> algorithm for sctp if fips was enabled. > >>> Due to this, listen() system call in ltp tests was failing for sctp > >>> in fips environment, with below error message. > >>> > >>> [ 6397.892677] sctp: failed to load transform for md5: -2 > >>> > >>> Fix is to not assign md5 as default algorithm for sctp > >>> if fips_enabled is true. Instead make sha1 as default algorithm. > >>> > >>> Fixes: ltp testcase failure "cve-2018-5803 sctp_big_chunk" > >>> Signed-off-by: Ashwin Dayanand Kamat <kashwindayan@xxxxxxxxxx> > >>> --- > >>> v2: > >>> the listener can still fail if fips mode is enabled after > >>> that the netns is initialized. So taking action in sctp_listen_start() > >>> and buming a ratelimited notice the selected hmac is changed due to fips. > >>> --- > >>> net/sctp/socket.c | 10 ++++++++++ > >>> 1 file changed, 10 insertions(+) > >>> > >>> diff --git a/net/sctp/socket.c b/net/sctp/socket.c > >>> index b91616f819de..a1107f42869e 100644 > >>> --- a/net/sctp/socket.c > >>> +++ b/net/sctp/socket.c > >>> @@ -49,6 +49,7 @@ > >>> #include <linux/poll.h> > >>> #include <linux/init.h> > >>> #include <linux/slab.h> > >>> +#include <linux/fips.h> > >>> #include <linux/file.h> > >>> #include <linux/compat.h> > >>> #include <linux/rhashtable.h> 
> >>> @@ -8496,6 +8497,15 @@ static int sctp_listen_start(struct sock *sk, int backlog) > >>> struct crypto_shash *tfm = NULL; > >>> char alg[32]; > >>> > >>> + if (fips_enabled && !strcmp(sp->sctp_hmac_alg, "md5")) { > >>> +#if (IS_ENABLED(CONFIG_SCTP_DEFAULT_COOKIE_HMAC_SHA1)) > >> > >> I'm probably misunderstanding things, but would > >> IS_ENABLED(CONFIG_SCTP_COOKIE_HMAC_SHA1) > >> be more appropriate here? > >> > > > > Hi Simon, > > I have moved the same check from sctp_init() to here based on the review for v1 patch. > > Please let me know if there is any alternative which can be used? > > > > Thanks, > > Ashwin Kamat > > > Hi Team, > Any update on this? Hi Ashwin, I don't recall exactly what I was thinking 2 months ago. But looking at this a second time it seems that I may have misread your patch: I now have no objections to it in its original form.
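Review bot: in the sctp_listen_start() hunk, `!strcmp(sp->sctp_hmac_alg, "md5")` is evaluated whenever fips_enabled is set, with no NULL check on the pointer; if sp->sctp_hmac_alg can be NULL on a socket with no cookie HMAC configured, a listen() in FIPS mode would dereference NULL. Suggest `if (fips_enabled && sp->sctp_hmac_alg && !strcmp(sp->sctp_hmac_alg, "md5"))`. Separately, the guard `#if (IS_ENABLED(CONFIG_SCTP_DEFAULT_COOKIE_HMAC_SHA1))` keys on the default-choice symbol rather than the availability symbol CONFIG_SCTP_COOKIE_HMAC_SHA1 that Simon raised, so a kernel whose default is md5 but which has sha1 support built in would have the sha1 fallback compiled out, which is exactly the configuration the commit message says it is fixing. The remainder of the hunk (what runs when that `#if` is false) is not shown in the quoted patch, so the non-sha1 path cannot be reviewed here; the commit message should also spell out which algorithm is selected in that case.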