On 01/03/20, 12:32 AM, "Greg KH" <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
>On Sat, Feb 29, 2020 at 10:01:49AM +0000, Vikash Bansal wrote:
>>
>> On 27/02/20, 12:30 PM, "Greg KH" <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
>>
>>
>> > On Thu, Feb 27, 2020 at 05:58:05AM +0000, Vikash Bansal wrote:
>> >> From: Stephan Mueller <smueller@xxxxxxxxxx>
>> >>
>> >> commit db07cd26ac6a418dc2823187958edcfdb415fa83 upstream
>> >>
>> >> FIPS 140-2 section 4.9.2 requires a continuous self test of the noise
>> >> source. Up to kernel 4.8 drivers/char/random.c provided this continuous
>> >> self test. Afterwards it was moved to a location that is inconsistent
>> >> with the FIPS 140-2 requirements. The relevant patch was
>> >> e192be9d9a30555aae2ca1dc3aad37cba484cd4a .
>> >>
>> >> Thus, the FIPS 140-2 CTRNG is added to the DRBG when it obtains the
>> >> seed. This patch resurrects the function drbg_fips_continous_test that
>> >> existed some time ago and applies it to the noise sources. The patch
>> >> that removed the drbg_fips_continous_test was
>> >> b3614763059b82c26bdd02ffcb1c016c1132aad0 .
>> >>
>> >> The Jitter RNG implements its own FIPS 140-2 self test and thus does not
>> >> need to be subjected to the test in the DRBG.
>> >>
>> >> The patch contains a tiny fix to ensure proper zeroization in case of an
>> >> error during the Jitter RNG data gathering.
>> >>
>> >> Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx>
>> >> Reviewed-by: Yann Droneaud <ydroneaud@xxxxxxxxxx>
>> >> Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
>> >> Signed-off-by: Vikash Bansal <bvikas@xxxxxxxxxx>
>> >> ---
>> >> crypto/drbg.c | 94 +++++++++++++++++++++++++++++++++++++++++--
>> >> include/crypto/drbg.h | 2 +
>> >> 2 files changed, 93 insertions(+), 3 deletions(-)
>> >
>> > This looks like a new feature to me, why is it needed in the stable
>> > kernel trees? What bug does it fix?
>>
>> In 4.19.y, 4.14.y & 4.9.y, DRBG implementation is as per NIST recommendation
>> defined in NIST SP800-9A and it designed to be ready for FIPS certification.
>> But it has missed one of the NIST test requirement define in FIPS 140-2(4.9.2),
>> so it is not ready for NIST FIPS certification.
>> With this patch FIPS 140-2(4.9.2) continuous test requirement will be fulfilled.
>
>Then use 5.4 or newer kernels if you need such a certification. Adding
>this new feature to older kernels is just that, a new feature.
>
>What is preventing you from using 5.4? It's much better security wise
>than older kernels for a whole load of reasons.
Thanks for response. I agree with your point. Please close this thread.
Regards
Vikash
>
>thanks,
>
>greg k-h
