Have a single function for FIPS test failures. Change-Id: Iab7a738a8981de7c56d1585050e78699cb876dab Reviewed-on: https://boringssl-review.googlesource.com/16467 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/crypto/fipsmodule/bcm.c b/crypto/fipsmodule/bcm.c
index ac9a407..f39661b 100644
--- a/crypto/fipsmodule/bcm.c
+++ b/crypto/fipsmodule/bcm.c
@@ -637,9 +637,13 @@
 return;
 err:
+ BORINGSSL_FIPS_abort();
+}
+
+void BORINGSSL_FIPS_abort(void) {
 for (;;) {
- exit(1);
 abort();
+ exit(1);
 }
 }
 #endif /* BORINGSSL_FIPS */
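Review bot: The new body of `BORINGSSL_FIPS_abort` does not say why `exit(1)` follows `abort()` inside `for (;;)`, and since `abort()` normally never returns a reader will take the second call and the loop for dead code. As far as I can tell the order is deliberate: `abort()` first so the failure surfaces as a crash (SIGABRT, core dump) rather than a clean exit, with `exit(1)` and the loop as a fallback should a SIGABRT handler leave `abort()` via longjmp. A comment above the loop such as `/* abort() first so the failure is visible as a crash; loop over exit() as a fallback in case a SIGABRT handler does not terminate the process. */` would record that. Note also that nothing is written to stderr before the process dies, so an operator investigating the crash has only the signal to go on; whether a diagnostic is wanted here deserves a deliberate decision. The definition is fully inside the hunk, but the function whose `err:` label precedes it starts before the hunk.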
diff --git a/crypto/fipsmodule/rand/rand.c b/crypto/fipsmodule/rand/rand.c
index b627e06..a745252 100644
--- a/crypto/fipsmodule/rand/rand.c
+++ b/crypto/fipsmodule/rand/rand.c
@@ -141,17 +141,14 @@
 * generator test” which causes the program to randomly abort. Hopefully the
 * rate of failure is small enough not to be a problem in practice. */
 if (CRYPTO_memcmp(state->last_block, entropy, CRNGT_BLOCK_SIZE) == 0) {
- for (;;) {
- exit(1);
- abort();
- }
+ BORINGSSL_FIPS_abort();
 }
 for (size_t i = CRNGT_BLOCK_SIZE; i < sizeof(entropy); i += CRNGT_BLOCK_SIZE) {
 if (CRYPTO_memcmp(entropy + i - CRNGT_BLOCK_SIZE, entropy + i, CRNGT_BLOCK_SIZE) == 0) {
- abort();
+ BORINGSSL_FIPS_abort();
 }
 }
 OPENSSL_memcpy(state->last_block,
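Review bot: Both new calls to `BORINGSSL_FIPS_abort` depend on the prototype that crypto/internal.h only provides under `#if defined(BORINGSSL_FIPS)`; if this continuous-test code is not itself inside such a guard, a non-FIPS build would hit an implicit declaration and an unresolved symbol at link time. The hunk does not show the guard, and the surrounding function starts and ends outside it, so please confirm the guard is there. Otherwise the replacement is an improvement: the first site used to call `exit(1)` before `abort()`, so atexit handlers could run after the generator had already failed its test, and the second site, which previously called a bare `abort()`, now behaves the same as the first.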
diff --git a/crypto/internal.h b/crypto/internal.h
index 1d5a25d..f58f1cf 100644
--- a/crypto/internal.h
+++ b/crypto/internal.h
@@ -631,6 +631,12 @@
 return memset(dst, c, n);
 }
+#if defined(BORINGSSL_FIPS)
+/* BORINGSSL_FIPS_abort is called when a FIPS power-on or continuous test
+ * fails. It prevents any further cryptographic operations by the current
+ * process. */
+void BORINGSSL_FIPS_abort(void) __attribute__((noreturn));
+#endif
 #if defined(__cplusplus)
 } /* extern C */
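Review bot: The doc comment on `BORINGSSL_FIPS_abort` says it prevents further cryptographic operations but not how, and the `__attribute__((noreturn))` is the only hint that the process is terminated; a reader of the header alone should not have to infer that. Suggest finishing the comment with ` * process by terminating it; it never returns.` Separately, `__attribute__((noreturn))` is a GCC/Clang extension, so this declaration ties the FIPS build to those compilers; if internal.h already has a portability macro for function attributes it should be used here, otherwise a short comment stating that the FIPS module assumes GCC/Clang would avoid a surprise later.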