LXR linux/crypto/fips.c

   1// SPDX-License-Identifier: GPL-2.0-or-later
   2/*
   3 * FIPS 200 support.
   4 *
   5 * Copyright (c) 2008 Neil Horman <nhorman@tuxdriver.com>
   6 */
   7
   8#include <linux/export.h>
   9#include <linux/fips.h>
  10#include <linux/init.h>
  11#include <linux/module.h>
  12#include <linux/kernel.h>
  13#include <linux/sysctl.h>
  14
  15int fips_enabled;
  16EXPORT_SYMBOL_GPL(fips_enabled);
  17
  18/* Process kernel command-line parameter at boot time. fips=0 or fips=1 */
  19static int fips_enable(char *str)
  20{
  21        fips_enabled = !!simple_strtol(str, NULL, 0);
  22        printk(KERN_INFO "fips mode: %s\n",
  23                fips_enabled ? "enabled" : "disabled");
  24        return 1;
  25}
  26
  27__setup("fips=", fips_enable);
  28
  29static struct ctl_table crypto_sysctl_table[] = {
  30        {
  31                .procname       = "fips_enabled",
  32                .data           = &fips_enabled,
  33                .maxlen         = sizeof(int),
  34                .mode           = 0444,
  35                .proc_handler   = proc_dointvec
  36        },
  37        {}
  38};
  39
  40static struct ctl_table crypto_dir_table[] = {
  41        {
  42                .procname       = "crypto",
  43                .mode           = 0555,
  44                .child          = crypto_sysctl_table
  45        },
  46        {}
  47};
  48
  49static struct ctl_table_header *crypto_sysctls;
  50
  51static void crypto_proc_fips_init(void)
  52{
  53        crypto_sysctls = register_sysctl_table(crypto_dir_table);
  54}
  55
  56static void crypto_proc_fips_exit(void)
  57{
  58        unregister_sysctl_table(crypto_sysctls);
  59}
  60
  61static int __init fips_init(void)
  62{
  63        crypto_proc_fips_init();
  64        return 0;
  65}
  66
  67static void __exit fips_exit(void)
  68{
  69        crypto_proc_fips_exit();
  70}
  71
  72subsys_initcall(fips_init);
  73module_exit(fips_exit);
  74