Skip to content
This repository has been archived by the owner on May 12, 2021. It is now read-only.

kernel: Enable configuration for fips mode. #788

Merged
merged 1 commit into from
Nov 8, 2019

Conversation

amshinde
Copy link
Member

@amshinde amshinde commented Nov 1, 2019

This will allow us to run a VM in fips mode.
The intention is to check if the host is running in fips mode
and then start a container in fips mode as well.

Fixes #787

Signed-off-by: Archana Shinde [email protected]

This will allow us to run a VM in fips mode.
The intention is to check if the host is running in fips mode
and then start a container in fips mode as well.

Fixes kata-containers#787

Signed-off-by: Archana Shinde <[email protected]>
@amshinde amshinde requested a review from egernst November 1, 2019 22:26
Copy link
Contributor

@jodh-intel jodh-intel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

Copy link
Contributor

@grahamwhaley grahamwhaley left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm
Had to go look up what FIPS was ;-)
@amshinde - I'm presuming there are no noticeable size/speed impacts with this addition?

@grahamwhaley
Copy link
Contributor

/test

@chavafg
Copy link
Contributor

chavafg commented Nov 4, 2019

/AzurePipelines run

@azure-pipelines
Copy link

Azure Pipelines successfully started running 2 pipeline(s).

amshinde added a commit to amshinde/kata-runtime that referenced this pull request Nov 8, 2019
FIPS are a set of security standards for encryption algororithms
in user and kernel space among others.
Have Kata support this by starting the VM for a container
in FIPS mode on detecting that the host is running in FIPS mode.

Depends-on: github.com/kata-containers/packaging#788

Fixes kata-containers#2170

Signed-off-by: Archana Shinde <[email protected]>
@jcvenegas jcvenegas merged commit 8b26173 into kata-containers:master Nov 8, 2019
amshinde added a commit to amshinde/kata-runtime that referenced this pull request Nov 8, 2019
FIPS are a set of security standards for encryption algorithms
in user and kernel space among others.
Have Kata support this by starting the VM for a container
in FIPS mode on detecting that the host is running in FIPS mode.

Depends-on: github.com/kata-containers/packaging#788

Fixes kata-containers#2170

Signed-off-by: Archana Shinde <[email protected]>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add support for fips mode CONFIG_CRYPTO_FIPS
5 participants