From 50661975be743adc212b2fe000f8b883507f2618 Mon Sep 17 00:00:00 2001
From: Eric Biggers
Date: Thu, 8 Jul 2021 14:46:47 -0700
Subject: [PATCH] ANDROID: fips140: add/update module help text

Add some help text for CONFIG_CRYPTO_FIPS140_MOD, add a comment for CONFIG_CRYPTO_FIPS140, and update the file comment for fips140-module.c. In particular, mention that the module also does self-tests, and that it is also intended to meet NIAP requirements -- not just FIPS.

Bug: 153614920
Bug: 188620248
Change-Id: If2c316e54fba2c4594e70a14a5a8fa1dba3589a1
Signed-off-by: Eric Biggers
---
 crypto/Kconfig | 15 ++++++++++++++-
 crypto/fips140-module.c | 15 +++++++++------
 2 files changed, 23 insertions(+), 7 deletions(-)

diff --git a/crypto/Kconfig b/crypto/Kconfig
index f52237ac12c5..d726b1c3a7f8 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -32,13 +32,26 @@ config CRYPTO_FIPS
 certification. You should say no unless you know what
 this is.

+# CRYPTO_FIPS140 just enables the support in the kernel for loading fips140.ko.
+# The module still needs to be built and loaded if you need FIPS 140 compliance.
 config CRYPTO_FIPS140
 def_bool y
 depends on MODULES && ARM64 && ARM64_MODULE_PLTS

 config CRYPTO_FIPS140_MOD
- bool "Enable FIPS140 integrity self-checked loadable module"
+ bool "Enable FIPS 140 cryptographic module"
 depends on LTO_CLANG && CRYPTO_FIPS140
+ help
+ This option enables building a loadable module fips140.ko, which
+ contains various crypto algorithms that are also built into vmlinux.
+ At load time, this module overrides the built-in implementations of
+ these algorithms with its implementations. It also runs self-tests on
+ these algorithms and verifies the integrity of its code and data. If
+ either of these steps fails, the kernel will panic.
+
+ This module is intended to be loaded at early boot time in order to
+ meet FIPS 140 and NIAP FPT_TST_EXT.1 requirements. It shouldn't be
+ used if you don't need to meet these requirements.

 config CRYPTO_FIPS140_MOD_ERROR_INJECTION
 bool "Support injecting failures into the FIPS 140 self-tests"
diff --git a/crypto/fips140-module.c b/crypto/fips140-module.c
index f0ed4602e924..a91735c37c67 100644
--- a/crypto/fips140-module.c
+++ b/crypto/fips140-module.c
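Review bot: The new help text for CRYPTO_FIPS140_MOD does not say which implementations are in effect before fips140.ko has loaded. It states that the module overrides the built-in implementations "at load time", which implies the built-in copies keep serving requests until then, without this module's self-tests or integrity check having run. Anyone enabling the option for FIPS 140 or NIAP FPT_TST_EXT.1 purposes would want that stated, so I would add a sentence such as `Until fips140.ko has been loaded, the built-in implementations remain in use.` at the end of the first help paragraph. The file comment in crypto/fips140-module.c repeats the same two paragraphs and would want the same sentence; whether anything enforces the early load is not visible in this patch.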
@@ -3,12 +3,15 @@
 * Copyright 2021 Google LLC
 * Author: Ard Biesheuvel
 *
- * This file is the core of the fips140.ko, which carries a number of crypto
- * algorithms and chaining mode templates that are also built into vmlinux.
- * This modules performs a load time integrity check, as mandated by FIPS 140,
- * and replaces registered crypto algorithms that appear on the FIPS 140 list
- * with ones provided by this module. This meets the FIPS 140 requirements for
- * a cryptographic software module.
+ * This file is the core of fips140.ko, which contains various crypto algorithms
+ * that are also built into vmlinux. At load time, this module overrides the
+ * built-in implementations of these algorithms with its implementations. It
+ * also runs self-tests on these algorithms and verifies the integrity of its
+ * code and data. If either of these steps fails, the kernel will panic.
+ *
+ * This module is intended to be loaded at early boot time in order to meet
+ * FIPS 140 and NIAP FPT_TST_EXT.1 requirements. It shouldn't be used if you
+ * don't need to meet these requirements.
 */

 #include