1. Please describe the problem:
boot panics in FIPS mode

2. What is the Version-Release number of the kernel:
5.13.0-0.rc6.45.fc35.x86_64

3. Did it work previously in Fedora? If so, what kernel version did the issue *first* appear? Old kernels are available for download at https://koji.fedoraproject.org/koji/packageinfo?packageID=8 :
yes, works fine in Fedora 34

4. Can you reproduce this issue? If so, please provide the steps to reproduce the issue below:
fips-mode-setup --enable

5. Does this problem occur with the latest Rawhide kernel? To install the Rawhide kernel, run ``sudo dnf install fedora-repos-rawhide`` followed by ``sudo dnf update --enablerepo=rawhide kernel``:
Yes.

6. Are you running any modules that are not shipped directly with Fedora's kernel?:
No.

7. Please attach the kernel logs. You can get the complete kernel log for a boot with ``journalctl --no-hostname -k > dmesg.txt``. If the issue occurred on a previous boot, use the journalctl ``-b`` flag.

```
[ 1.783841] alg: self-tests for ghash-generic (ghash) passed
[ 1.789652] alg: No test for ecdh-nist-p192 (ecdh-generic)
[ 1.797673] alg: ecdh-nist-p256: test failed on vector 2, err=-14
[ 1.803645] Kernel panic - not syncing: alg: self-tests for ecdh-generic (ec!
[ 1.804641] CPU: 7 PID: 135 Comm: cryptomgr_test Not tainted 5.13.0-0.rc6.451
[ 1.804641] Hardware name: Dell Inc. PowerEdge R210/0M877N, BIOS 1.10.0 09/13
[ 1.804641] Call Trace:
[ 1.804641] dump_stack+0x76/0x94
[ 1.804641] panic+0xf1/0x2d3
[ 1.804641] alg_test+0x541/0x550
[ 1.804641] ? psi_task_switch+0xc5/0x240
[ 1.804641] ? __switch_to_asm+0x42/0x70
[ 1.804641] ? __switch_to+0x82/0x450
[ 1.804641] ? __schedule+0x2fb/0x990
[ 1.804641] ? crypto_acomp_scomp_free_ctx+0x30/0x30
[ 1.804641] cryptomgr_test+0x27/0x50
[ 1.804641] kthread+0x11b/0x140
[ 1.804641] ? kthread_associate_blkcg+0xa0/0xa0
[ 1.804641] ret_from_fork+0x22/0x30
[ 1.804641] ---[ end Kernel panic - not syncing: alg: self-tests for ecdh-ge-
```
Response 4 above should be:

```
# fips-mode-setup --enable
# reboot
```
The commit that introduced the string ecdh-nist-p256 was 6763f5ea2d9 ("crypto: ecdh - move curve_id of ECDH from the key to algorithm name") and is the most recent change to crypto/ecdh.c.
There is a fix in linux-next which should fix the issue: 6889fc2104e5 ("crypto: ecdh - fix ecdh-nist-p192's entry in testmgr").
Strike comment #4 - I cloned and built linux-next and it still gets the error.
The affected kernel has been submitted into Fedora 34 (and F33 as well) and now FIPS cannot be enabled, otherwise it panics:

```
[ 0.293300] Call Trace:
[ 0.293300] dump_stack+0x76/0x94
[ 0.293300] panic+0xf1/0x2d3
[ 0.293300] alg_test+0x541/0x550
[ 0.293300] ? psi_task_switch+0x10e/0x240
[ 0.293300] ? __switch_to_asm+0x42/0x70
[ 0.293300] ? __switch_to+0x11b/0x460
[ 0.293300] ? __schedule+0x2fb/0x990
[ 0.293300] ? crypto_acomp_scomp_free_ctx+0x30/0x30
[ 0.293300] cryptomgr_test+0x27/0x50
[ 0.293300] kthread+0x124/0x150
[ 0.293300] ? set_kthread_struct+0x40/0x40
[ 0.293300] ret_from_fork+0x1f/0x30
[ 0.293300] ---[ end Kernel panic - not syncing: alg: self-tests for ecdh-generic (ecdh-nist-p256) failed in fips mode! ]---
```

Steps to reproduce:
1. Take current Fedora 34
2. Update kernel-core (5.12.17-300.fc34 -> 5.13.4-200.fc34)
3. # fips-mode-setup --enable
4. # systemctl reboot
It certainly isn't the patch listed then as the fix, as that patch was included in 5.13.2.
This hasn't happened with recent Fedora 33/34/35 any more, so assuming rawhide is fixed as well, closing. Thanks! See bug 1989771.