ANDROID: fips140: unregister existing DRBG algorithms

fips140_algorithms[] is a list of cra_names rather than cra_driver_names, so to specify that the existing DRBG algorithms need to be unregistered it needs to contain "stdrng". Bug: 153614920 Bug: 188620248 Change-Id: Id655e74858ca6bff4eedaf761d54c3ae54c2260f Signed-off-by: Eric Biggers <[email protected]>
sourajitk · Jul 12, 2021 · e886dd4 · e886dd4
1 parent 634445a
commit e886dd4
Showing 1 changed file with 2 additions and 23 deletions.
diff --git a/crypto/fips140-module.c b/crypto/fips140-module.c
@@ -52,7 +52,7 @@ const u32 *__initcall_start = &__initcall_start_marker;
 const u8 *__text_start = &__fips140_text_start;
 const u8 *__rodata_start = &__fips140_rodata_start;
 
-static const char fips140_algorithms[][22] __initconst = {
+static const char * const fips140_algorithms[] __initconst = {
 	"aes",
 
 	"gcm(aes)",
@@ -73,28 +73,7 @@ static const char fips140_algorithms[][22] __initconst = {
 	"sha384",
 	"sha512",
 
-	"drbg_nopr_ctr_aes256",
-	"drbg_nopr_ctr_aes192",
-	"drbg_nopr_ctr_aes128",
-	"drbg_nopr_hmac_sha512",
-	"drbg_nopr_hmac_sha384",
-	"drbg_nopr_hmac_sha256",
-	"drbg_nopr_hmac_sha1",
-	"drbg_nopr_sha512",
-	"drbg_nopr_sha384",
-	"drbg_nopr_sha256",
-	"drbg_nopr_sha1",
-	"drbg_pr_ctr_aes256",
-	"drbg_pr_ctr_aes192",
-	"drbg_pr_ctr_aes128",
-	"drbg_pr_hmac_sha512",
-	"drbg_pr_hmac_sha384",
-	"drbg_pr_hmac_sha256",
-	"drbg_pr_hmac_sha1",
-	"drbg_pr_sha512",
-	"drbg_pr_sha384",
-	"drbg_pr_sha256",
-	"drbg_pr_sha1",
+	"stdrng",
 };
 
 static bool __init is_fips140_algo(struct crypto_alg *alg)