From: Eric Biggers <ebiggers@kernel.org>
To: Ingo Franzki <ifranzki@linux.ibm.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
linux-crypto@vger.kernel.org, freude@linux.ibm.com,
dengler@linux.ibm.com
Subject: Re: CI: Another strange crypto message in syslog
Date: Thu, 5 Jun 2025 07:26:41 -0700 [thread overview]
Message-ID: <20250605142641.GA1248@sol> (raw)
In-Reply-To: <d4520a75-c765-406b-a115-a79bbdf8d199@linux.ibm.com>
On Thu, Jun 05, 2025 at 01:26:34PM +0200, Ingo Franzki wrote:
> Hi Herbert,
>
> we see the following error messages in syslog on the current next kernel:
>
> Jun 05 13:15:20 a35lp62.lnxne.boe kernel: basic hdkf test(hmac(sha256)): failed to allocate transform: -2
> Jun 05 13:15:20 a35lp62.lnxne.boe kernel: alg: full crypto tests enabled. This is intended for developer use only.
>
> The first one seem to be failure, but I can't tell where..... I don't see any other typical selftest failure messages.
> -1 is ENOENT. It might be related to the recent changes with sha256 being now in a library...
No, it's from the following commit:
commit ef93f1562803cd7bb8159e3abedaf7f47dce4e35
Author: Herbert Xu <herbert@gondor.apana.org.au>
Date: Wed Apr 30 16:17:02 2025 +0800
Revert "crypto: run initcalls for generic implementations earlier"
That moved the crypto_shash support for hmac and sha256 from subsys_initcall to
module_init, which put at the same level as crypto_hkdf_module_init which
depends on it.
I guess we just move crypto_hkdf_module_init to late_initcall for now.
> The second one is probably because the full selftests are now enabled by
> default. Does it make sense to output this message now anymore at all?
The crypto self-tests remain disabled by default; there's just no longer a
difference between the "regular tests" and the "full tests". The warning makes
sense to me. There should be an indication that the tests are running since
they take a long time and should not be enabled in production kernels.
If this is s390, arch/s390/configs/defconfig has CONFIG_CRYPTO_SELFTESTS=y. Is
that really what you want? I tried to remove it as part of
https://lore.kernel.org/linux-crypto/20250419161543.139344-4-ebiggers@kernel.org/,
but someone complained about that patch so I ended up dropping it. But maybe
you still want to remove it from arch/s390/configs/defconfig. There's already
arch/s390/configs/debug_defconfig that has it enabled too, and maybe you only
want tests enabled in the "debug" one?
- Eric
next prev parent reply other threads:[~2025-06-05 14:26 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-05 11:26 CI: Another strange crypto message in syslog Ingo Franzki
2025-06-05 14:26 ` Eric Biggers [this message]
2025-06-06 7:19 ` Harald Freudenberger
2025-06-06 17:45 ` Eric Biggers
2025-06-16 10:50 ` Harald Freudenberger
2025-06-16 15:58 ` Eric Biggers
2025-06-10 12:37 ` Ingo Franzki
2025-06-10 19:16 ` [PATCH] crypto: hkdf - move to late_initcall Eric Biggers
2025-06-11 3:03 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250605142641.GA1248@sol \
--to=ebiggers@kernel.org \
--cc=dengler@linux.ibm.com \
--cc=freude@linux.ibm.com \
--cc=herbert@gondor.apana.org.au \
--cc=ifranzki@linux.ibm.com \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox