Piteball
/
android_kernel_samsung_msm8976
mirror of https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git
1
1
Fork 0
Code Issues Projects Releases Wiki Activity

msm: crypto: Add CONFIG_FIPS_USE_RECOMPILE for FIPS enablement 

Due to binary compatibility for FIPS pre-compiled binaries, a flag
CONFIG_FIPS_RECOMPILE is added to recompile the FIPS certified
source code. If it is set to y, source code compilation will be
enforced. If it is set to n or undefined, certified binaries will
be used for FIPS enablement.

Note that use of this flag(i.e. recompilation) may invalidate
existing FIPS certification.

Change-Id: If4e3367e63785f7f82e46b5ed73dbe2786f1c3b1
Signed-off-by: William Clark <wclark@codeaurora.org>
This commit is contained in:
William Clark 2015-04-14 13:12:09 -07:00
parent f5c078dba9
commit 0d5acb0293
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
drivers/crypto/Kconfig
View File

@ -312,6 +312,18 @@ config FIPS_ENABLE
which will perform this task. Please select Y here
to enable.
config FIPS_RECOMPILE
bool "Recompile FIPS140-2 certified binaries"
depends on FIPS_ENABLE
help
This flag is to make current build recompile FIPS140-2
certified crypto binary from source. Please select Y here to
enable. In default value n, the compiler will use
pre-compiled binaries. Note that select Y may invalidate
existing FIPS140-2 certification but the recompiled crypto
library remains FIPS certifable. The flag is only
effective when flag FIPS_ENABLE is enabled.
config CRYPTO_DEV_QCRYPTO
tristate "Qualcomm Crypto accelerator"
select CRYPTO_DES