[openssl-users] FIPS Linux kernel documentation ?

Marcus Meissner meissner at suse.de
Thu Mar 26 17:00:55 UTC 2015


On Thu, Mar 26, 2015 at 10:57:28AM -0400, Steve Marquess wrote:
> On 03/25/2015 06:26 PM, jonetsu at teksavvy.com wrote:
> > On Wed, 25 Mar 2015 17:03:04 -0400
> > Steve Marquess <marquess at openssl.com> wrote:
> > 
> >> I wasn't aware the Linux kernel (the real one, not proprietary
> >> commercial derivatives) had a "FIPS" mode. Please enlighten me.
> > 
> > It could very well be that the word 'mode' is not the right one.
> > 'option' would perhaps be better.  This article from 2009 sets the
> > foundation:
> > 
> > http://www.guerilla-ciso.com/archives/793
> > 
> > I wonder, 6 years later, what the kernel fips option implies.  Maybe I
> > could try to contact Neil Horman and/or look into the sources.
> 
> That reference gives a pretty good explanation. CONFIG_CRYPTO_FIPS
> doesn't get you any closer to FIPS 140-2 validated kernel cryptography.
> 
> Unfortunately FIPS 140-2 validation conflicts rather violently with open
> source software (and with software engineering best practice in general,
> for that matter). Even if some benevolent benefactor ponied up the
> quarter megabuck it would take to do an open source based kernel crypto
> validation, it would be fossilized code obsolete before the validation
> was even approved. Linux got to be as good as it is due to constant
> refinement and improvement; FIPS validation presumes that it is possible
> to write perfect code in one shot and that the environment that code
> runs in never changes.

This is not true.

Both Red Hat and SUSE have certified or are currently in the process of
certifying the Linux Kernel as a cryptographic module and it is not
as hard as you make it.

The scope is the cryptographic module abstraction layer and even includes
loadable modules. Integrity checking is done in the initrd for vmlinuz
and via the module signatures also used for UEFI secure boot.
crypto/testmgr.c contains the power up selftests.

CAVS testing is external, driven over a specific kernel module.

There is no binary-only blob involved; the paperwork will however list
an explicit version of a specific kernel release.

And the bucks are more in the low 5 digit bucks range.

FWIW, here is Red Hat's last security policy:
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1901.pdf

Ciao, Marcus
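
The power-up self-tests in crypto/testmgr.c and the CONFIG_CRYPTO_FIPS option mentioned in this message are both visible from userspace. The script below is an added example, not part of the original message: it reads the FIPS flag and lists drivers whose self-test state in /proc/crypto-format text is not "passed". The sample records and the names xts-aes-example and example_mod are constructed for illustration.

```shell
#!/bin/sh
# Constructed, abridged sample in /proc/crypto layout (not from a real host).
sample_proc_crypto() {
cat <<'EOF'
name         : sha256
driver       : sha256-generic
module       : kernel
selftest     : passed

name         : cbc(aes)
driver       : cbc-aes-aesni
module       : aesni_intel
selftest     : passed

name         : xts(aes)
driver       : xts-aes-example
module       : example_mod
selftest     : unknown
EOF
}

# Read /proc/crypto-format records on stdin; print every driver whose
# selftest field is anything other than "passed" (or is absent).
untested_drivers() {
    awk -F ' *: *' '
        function flush() {
            if (drv != "" && st != "passed")
                print drv " (" mod "): " (st == "" ? "missing" : st)
            drv = mod = st = ""
        }
        $1 == "driver"   { drv = $2 }
        $1 == "module"   { mod = $2 }
        $1 == "selftest" { st  = $2 }
        /^[ \t]*$/       { flush() }   # blank line ends a record
        END              { flush() }   # last record may lack a blank line
    '
}

# Report the kernel FIPS flag. The sysctl file is absent when the kernel
# was built without CONFIG_CRYPTO_FIPS.
fips_mode() {
    f=${1:-/proc/sys/crypto/fips_enabled}
    if [ ! -r "$f" ]; then echo unavailable; return; fi
    case "$(cat "$f")" in
        1) echo enabled ;;
        0) echo disabled ;;
        *) echo unknown ;;
    esac
}

echo "FIPS mode: $(fips_mode)"
sample_proc_crypto | untested_drivers   # on a live host: untested_drivers < /proc/crypto
```
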

