fips.c 1.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778
  1. /*
  2. * FIPS 200 support.
  3. *
  4. * Copyright (c) 2008 Neil Horman <[email protected]>
  5. *
  6. * This program is free software; you can redistribute it and/or modify it
  7. * under the terms of the GNU General Public License as published by the Free
  8. * Software Foundation; either version 2 of the License, or (at your option)
  9. * any later version.
  10. *
  11. */
  12. #include <linux/export.h>
  13. #include <linux/fips.h>
  14. #include <linux/init.h>
  15. #include <linux/module.h>
  16. #include <linux/kernel.h>
  17. #include <linux/sysctl.h>
  18. int fips_enabled;
  19. EXPORT_SYMBOL_GPL(fips_enabled);
  20. /* Process kernel command-line parameter at boot time. fips=0 or fips=1 */
  21. static int fips_enable(char *str)
  22. {
  23. fips_enabled = !!simple_strtol(str, NULL, 0);
  24. printk(KERN_INFO "fips mode: %s\n",
  25. fips_enabled ? "enabled" : "disabled");
  26. return 1;
  27. }
  28. __setup("fips=", fips_enable);
  29. static struct ctl_table crypto_sysctl_table[] = {
  30. {
  31. .procname = "fips_enabled",
  32. .data = &fips_enabled,
  33. .maxlen = sizeof(int),
  34. .mode = 0444,
  35. .proc_handler = proc_dointvec
  36. },
  37. {}
  38. };
  39. static struct ctl_table crypto_dir_table[] = {
  40. {
  41. .procname = "crypto",
  42. .mode = 0555,
  43. .child = crypto_sysctl_table
  44. },
  45. {}
  46. };
  47. static struct ctl_table_header *crypto_sysctls;
  48. static void crypto_proc_fips_init(void)
  49. {
  50. crypto_sysctls = register_sysctl_table(crypto_dir_table);
  51. }
  52. static void crypto_proc_fips_exit(void)
  53. {
  54. unregister_sysctl_table(crypto_sysctls);
  55. }
  56. static int __init fips_init(void)
  57. {
  58. crypto_proc_fips_init();
  59. return 0;
  60. }
  61. static void __exit fips_exit(void)
  62. {
  63. crypto_proc_fips_exit();
  64. }
  65. module_init(fips_init);
  66. module_exit(fips_exit);