2019-05-27 09:55:01 +03:00
// SPDX-License-Identifier: GPL-2.0-or-later
2008-08-05 10:13:08 +04:00
/*
* FIPS 200 support .
*
* Copyright ( c ) 2008 Neil Horman < nhorman @ tuxdriver . com >
*/
2015-04-22 08:25:54 +03:00
# include <linux/export.h>
# include <linux/fips.h>
# include <linux/init.h>
2015-04-22 08:25:56 +03:00
# include <linux/module.h>
2015-04-22 08:25:54 +03:00
# include <linux/kernel.h>
2015-04-22 08:25:56 +03:00
# include <linux/sysctl.h>
2019-07-02 14:39:20 +03:00
# include <linux/notifier.h>
2022-07-08 15:33:13 +03:00
# include <generated/utsrelease.h>
2008-08-05 10:13:08 +04:00
int fips_enabled ;
EXPORT_SYMBOL_GPL ( fips_enabled ) ;
2019-07-02 14:39:20 +03:00
ATOMIC_NOTIFIER_HEAD ( fips_fail_notif_chain ) ;
EXPORT_SYMBOL_GPL ( fips_fail_notif_chain ) ;
2008-08-05 10:13:08 +04:00
/* Process kernel command-line parameter at boot time. fips=0 or fips=1 */
static int fips_enable ( char * str )
{
fips_enabled = ! ! simple_strtol ( str , NULL , 0 ) ;
printk ( KERN_INFO " fips mode: %s \n " ,
fips_enabled ? " enabled " : " disabled " ) ;
return 1 ;
}
__setup ( " fips= " , fips_enable ) ;
2015-04-22 08:25:56 +03:00
2022-07-08 15:33:13 +03:00
# define FIPS_MODULE_NAME CONFIG_CRYPTO_FIPS_NAME
# ifdef CONFIG_CRYPTO_FIPS_CUSTOM_VERSION
# define FIPS_MODULE_VERSION CONFIG_CRYPTO_FIPS_VERSION
# else
# define FIPS_MODULE_VERSION UTS_RELEASE
# endif
static char fips_name [ ] = FIPS_MODULE_NAME ;
static char fips_version [ ] = FIPS_MODULE_VERSION ;
2015-04-22 08:25:56 +03:00
static struct ctl_table crypto_sysctl_table [ ] = {
{
2022-07-08 15:33:13 +03:00
. procname = " fips_enabled " ,
. data = & fips_enabled ,
. maxlen = sizeof ( int ) ,
. mode = 0444 ,
. proc_handler = proc_dointvec
} ,
{
. procname = " fips_name " ,
. data = & fips_name ,
. maxlen = 64 ,
. mode = 0444 ,
. proc_handler = proc_dostring
} ,
{
. procname = " fips_version " ,
. data = & fips_version ,
. maxlen = 64 ,
. mode = 0444 ,
. proc_handler = proc_dostring
2015-04-22 08:25:56 +03:00
} ,
{ }
} ;
static struct ctl_table crypto_dir_table [ ] = {
{
. procname = " crypto " ,
. mode = 0555 ,
. child = crypto_sysctl_table
} ,
{ }
} ;
static struct ctl_table_header * crypto_sysctls ;
static void crypto_proc_fips_init ( void )
{
crypto_sysctls = register_sysctl_table ( crypto_dir_table ) ;
}
static void crypto_proc_fips_exit ( void )
{
unregister_sysctl_table ( crypto_sysctls ) ;
}
2019-07-02 14:39:20 +03:00
void fips_fail_notify ( void )
{
if ( fips_enabled )
atomic_notifier_call_chain ( & fips_fail_notif_chain , 0 , NULL ) ;
}
EXPORT_SYMBOL_GPL ( fips_fail_notify ) ;
2015-04-22 08:25:56 +03:00
static int __init fips_init ( void )
{
crypto_proc_fips_init ( ) ;
return 0 ;
}
static void __exit fips_exit ( void )
{
crypto_proc_fips_exit ( ) ;
}
2019-04-12 07:57:42 +03:00
subsys_initcall ( fips_init ) ;
2015-04-22 08:25:56 +03:00
module_exit ( fips_exit ) ;