Back to home page

LXR

 
 

    


0001 /*
0002  * FIPS 200 support.
0003  *
0004  * Copyright (c) 2008 Neil Horman <nhorman@tuxdriver.com>
0005  *
0006  * This program is free software; you can redistribute it and/or modify it
0007  * under the terms of the GNU General Public License as published by the Free
0008  * Software Foundation; either version 2 of the License, or (at your option)
0009  * any later version.
0010  *
0011  */
0012 
0013 #include <linux/export.h>
0014 #include <linux/fips.h>
0015 #include <linux/init.h>
0016 #include <linux/module.h>
0017 #include <linux/kernel.h>
0018 #include <linux/sysctl.h>
0019 
0020 int fips_enabled;
0021 EXPORT_SYMBOL_GPL(fips_enabled);
0022 
0023 /* Process kernel command-line parameter at boot time. fips=0 or fips=1 */
0024 static int fips_enable(char *str)
0025 {
0026     fips_enabled = !!simple_strtol(str, NULL, 0);
0027     printk(KERN_INFO "fips mode: %s\n",
0028         fips_enabled ? "enabled" : "disabled");
0029     return 1;
0030 }
0031 
0032 __setup("fips=", fips_enable);
0033 
0034 static struct ctl_table crypto_sysctl_table[] = {
0035     {
0036         .procname       = "fips_enabled",
0037         .data           = &fips_enabled,
0038         .maxlen         = sizeof(int),
0039         .mode           = 0444,
0040         .proc_handler   = proc_dointvec
0041     },
0042     {}
0043 };
0044 
0045 static struct ctl_table crypto_dir_table[] = {
0046     {
0047         .procname       = "crypto",
0048         .mode           = 0555,
0049         .child          = crypto_sysctl_table
0050     },
0051     {}
0052 };
0053 
0054 static struct ctl_table_header *crypto_sysctls;
0055 
0056 static void crypto_proc_fips_init(void)
0057 {
0058     crypto_sysctls = register_sysctl_table(crypto_dir_table);
0059 }
0060 
0061 static void crypto_proc_fips_exit(void)
0062 {
0063     unregister_sysctl_table(crypto_sysctls);
0064 }
0065 
0066 static int __init fips_init(void)
0067 {
0068     crypto_proc_fips_init();
0069     return 0;
0070 }
0071 
0072 static void __exit fips_exit(void)
0073 {
0074     crypto_proc_fips_exit();
0075 }
0076 
0077 module_init(fips_init);
0078 module_exit(fips_exit);