[LTP] [PATCH 1/1] tst_af_alg: Another fix for disabled weak ciphers
Petr Vorel
pvorel@suse.cz
Thu Dec 16 14:24:50 CET 2021
Hi Cyril,
> Hi!
> > e.g. md5 and sm3 on enabled FIPS (fips=1 on cmdline) on SLES 15-SP4.
> > Similar fix to 4fa302ef9d. It fixes:
> > tst_af_alg.c:84: TBROK: unexpected error binding AF_ALG socket to hash algorithm 'md5': ELIBBAD (80)
> That's strange choice of errno, ELIBBAD usually means corrupted ELF
> file, it looks like this comes from kernel fucntion crypto_alg_lookup()
> if the __crypto_alg_lookup() returns alg structure but the
> CRYPTO_ALG_LARVAL bit is not set. Unfortunatelly I have no idea what
> that really means. Have you confirmed with someone who understands the
> code that these cipers are intentionally disabled and that this errno is
> to be expected? And even if that is so we should skip the test on fips
> mode only...
Yes, is the first time I saw ELIBBAD, thus I'll check with developers.
Showing only on md5 and sm3 was "proof" for me it's correct on correctly
configured system with fips=1, but you're right it's better to double check.
Kind regards,
Petr
More information about the ltp
mailing list